rdr-it.io Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rdr-it.io/
Submission: On October 23 via api (October 23rd 2024, 4:58:31 pm UTC) from IT — Scanned from IT

Summary HTTP 45 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is rdr-it.io.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time rdr-it.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
19	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
45	8

7 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rdr-it.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.rdr-it.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com	180 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
7	rdr-it.io rdr-it.io analytics.rdr-it.io	237 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	257 KB
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	66 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3409 pixel.wp.com — Cisco Umbrella Rank: 3394	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
45	7

	Domain	Requested by
19	fonts.gstatic.com	fonts.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	rdr-it.io	rdr-it.io
3	pagead2.googlesyndication.com	rdr-it.io pagead2.googlesyndication.com
2	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	analytics.rdr-it.io	rdr-it.io analytics.rdr-it.io
1	fonts.googleapis.com	rdr-it.io
1	pixel.wp.com	rdr-it.io
1	stats.wp.com	rdr-it.io
45	9

This site contains links to these domains. Also see Links.

Domain
learn.rdr-it.io
legal.rdr-it.io
contact.rdr-it.io
rdr-it.com
www.youtube.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
rdr-it.io WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://rdr-it.io/
Frame ID: 2A1FC62C4CC70840FD7B300F2CF1EE78
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html
Frame ID: 77EE6FDB325A334829417484EA14F821
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729657814&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Frdr-it.io%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698179&bpp=5&bdt=1152&idt=2310&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5918044542583&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2383
Frame ID: 5BA2BCC65EEA4DF7ED08B173EA71BD0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=200&slotname=8193165344&adk=2610475486&adf=3253741200&pi=t.ma~as.8193165344&w=1200&abgtt=6&fwrn=4&lmt=1729657814&rafmt=11&format=1200x200&url=https%3A%2F%2Frdr-it.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698184&bpp=1&bdt=1157&idt=2395&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5918044542583&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=2410
Frame ID: 67FB11722A732CFBBDD789B1DD47540A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=200&slotname=8193165344&adk=3793996982&adf=3525382714&pi=t.ma~as.8193165344&w=813&abgtt=6&fwrn=4&lmt=1729657814&rafmt=11&format=813x200&url=https%3A%2F%2Frdr-it.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698185&bpp=1&bdt=1158&idt=2416&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=5918044542583&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2419
Frame ID: F3A61E00C7F0F842711E89D44A9A8109
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=250&slotname=8602917471&adk=3962129987&adf=3568199560&pi=t.ma~as.8602917471&w=300&abgtt=6&lmt=1729657814&format=300x250&url=https%3A%2F%2Frdr-it.io%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698186&bpp=1&bdt=1158&idt=2430&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x200%2C813x200&nras=1&correlator=5918044542583&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=2434
Frame ID: E6B2A9FEC5DE0257454C91B0B794393E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html
Frame ID: 95788F18800A931D95EBBF456EE84B31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html
Frame ID: 44EDA0E63A54DC89BDF9AC9AB6ECC605
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html
Frame ID: 06C1175E435B9B188CFCFB2A66B7F1E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html
Frame ID: 4B6ACCF9FFF477D7FD29CF929859ED41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RDR-IT | Tutoriels informatique

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

93 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

776 kB
Transfer

2052 kB
Size

7
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://learn.rdr-it.io/
Title: Cours IT

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/active-directory-les-bases/
Title: Active Directory : les bases

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/deploiement-dimage-windows/
Title: Déploiement d’image Windows

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/le-bureau-a-distance-avec-windows/
Title: Le bureau à distance avec Windows

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/mcsa-windows-server-2016/
Title: Certifications MCSA Windows Server 2016

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/glpi-apprendre-a-linstaller-le-configurer-et-lutiliser/
Title: GLPI : les bases

Search URL Search Domain Scan URL

URL: https://learn.rdr-it.io/course/configurer-un-serveur-pour-heberger-des-sites-internet/
Title: Configurer un serveur pour héberger des sites Internet

Search URL Search Domain Scan URL

URL: https://legal.rdr-it.io/politique-de-confidentialite/
Title: Politique de confidentialité

Search URL Search Domain Scan URL

URL: https://contact.rdr-it.io/
Title: Contact

Search URL Search Domain Scan URL

URL: https://rdr-it.com/whoami/
Title: Whoami

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTfW14_9MYLB6b8mB8Evq3w

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rdrit/

Search URL Search Domain Scan URL

URL: https://rdr-it.com/feed/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/rdr-it/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rdr-it.io/ 190 KB
37 KB 526ms
97ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e486101d5be08961d3960e0bf54bcce846e5aa8e1e7f3e6745d788d57b5201

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 14548
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-apo-via: tcache
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 8d73456009b4c806-DUS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 16:58:17 GMT
last-modified: Wed, 23 Oct 2024 04:30:14 GMT
link: <https://rdr-it.io/wp-json/>; rel="https://api.w.org/", <https://rdr-it.io/wp-json/wp/v2/pages/21564>; rel="alternate"; title="JSON"; type="application/json", <https://rdr-it.io/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCTFYDlQhE%2FXDbiv6VB8QDNJlUhYvMbyGVy30RupMYFOi%2FHM%2FerLt47TOFeHMMsJmePW3avO9T26cPNfQhFcluTFZHrMT8WmR3SZVECVNVCPl1XpM8b8emhn1ig%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=17963&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3928&recv_bytes=2284&delivery_rate=243049&cwnd=140&unsent_bytes=0&cid=baf35682c2d6e026&ts=140&x=0"
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: cc5_HTTP.200,cc5_front,cc5_URL./,cc5_F,cc5_Po.21564,cc5_PGS,cc5_,cc5_MIN.40d7baea694c0e9febfed09c2ba53eeb.css,cc5_MIN.d093a527939f279736c71fb3ec051069.js
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge

GET
H2 200 webfontloader.min.js Show response
rdr-it.io/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 57ms
57ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr-it.io/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"2f42-6711d0b2-10ebed;br"
age: 1489
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPE2HT27qE0aEpKxa92fSQWj3BaTUJEqKpLx46zbCr1gx7tHyQrCankUEq%2FAa6SVY5KfIp2MiQ3sMfFORhKINqV6bhPk4FjdlNV1FnMKL6z%2BdgPUy4OTBFFUSBE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15916&sent=51&recv=25&lost=0&retrans=0&sent_bytes=42055&recv_bytes=2628&delivery_rate=2640761&cwnd=152&unsent_bytes=0&cid=baf35682c2d6e026&ts=222&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: text/javascript
last-modified: Fri, 18 Oct 2024 03:06:26 GMT
vary: Accept-Encoding
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d734560aac8c806-DUS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 40d7baea694c0e9febfed09c2ba53eeb.css
rdr-it.io/wp-content/litespeed/css/ 232 KB
64 KB 59ms
59ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr-it.io/wp-content/litespeed/css/40d7baea694c0e9febfed09c2ba53eeb.css?ver=e0c3d
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4793dfc130157d4abf2ba3c45858fe24bd85343935ac9c4d07f4a5cbfc03d343

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"39e90-67187892-100002;br"
age: 11941
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59at3M41LB67pslzrR2QeFV2a%2FuaMoxYqj867A8pi3XhxV3kMVBPJsqyvWJVVtIijU0jHG8T9E7ctIMJu%2Fr8PaHiTMy%2FXiVEJQgUpDpOi0DIjjbzqDQpRB5wuv8%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 30 Oct 2024 13:39:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15916&sent=58&recv=25&lost=0&retrans=0&sent_bytes=47756&recv_bytes=2628&delivery_rate=2640761&cwnd=152&unsent_bytes=0&cid=baf35682c2d6e026&ts=225&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:16:18 GMT
vary: Accept-Encoding
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d734560aaccc806-DUS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 jquery.min.js Show response
rdr-it.io/wp-includes/js/jquery/ 86 KB
32 KB 124ms
124ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr-it.io/wp-includes/js/jquery/jquery.min.js
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"15601-655459b2-10e98a;br"
age: 1489
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DK0b4GGN5XmPBPz2G%2FgCEmkz2bDMTC69%2BwQ1wrCP48PIId5GKmGajtGyT9OLn6z1KCp7BL2E23gSo4mTZ7jQ0alCFIemOjjsstkTX7qxCAqnwnIKKn1Qi2DPAYA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15916&sent=90&recv=25&lost=0&retrans=0&sent_bytes=85063&recv_bytes=2628&delivery_rate=2640761&cwnd=152&unsent_bytes=21896&cid=baf35682c2d6e026&ts=237&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: text/javascript
last-modified: Wed, 15 Nov 2023 05:40:02 GMT
vary: Accept-Encoding
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d734560aacfc806-DUS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
DATA 200
OK truncated Show response
/ 298 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2283d9291a3d8f63719da402651c140a59dcf1cdc2f966feb2c9a972987d990f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
53 KB 853ms
117ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5403661759056954

Requested by

Host: rdr-it.io
URL: https://rdr-it.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

46d9a56d35c0cfa57df78de2da661b27ebf6c8de6c215c08813febb77f30c2f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://rdr-it.io/

Response headers

content-encoding: br
etag: 1439763630092382200
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 16:58:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 23 Oct 2024 16:58:18 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53614
x-xss-protection: 0
server: cafe

GET
H2 200 e-202443.js Show response
stats.wp.com/ 7 KB
3 KB 143ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202443.js
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

cache-control: max-age=31536000
content-encoding: br
x-nc: HIT mxp
etag: W/14421-1717166113627.1218
x-minify: t
x-minify-cache: hit
access-control-allow-methods: GET, HEAD
expires: Sat, 18 Oct 2025 13:43:20 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx

GET
H2 200 d093a527939f279736c71fb3ec051069.js Show response
rdr-it.io/wp-content/litespeed/js/ 264 KB
76 KB 99ms
99ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr-it.io/wp-content/litespeed/js/d093a527939f279736c71fb3ec051069.js?ver=e0c3d
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be02dc890ad5ef26509a9c31eb3d88f209e20915807e03b00b0043d4dd1ba00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"41fc0-67187892-10000d;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1fHLRgMtzAbzhinLPtphPODuHcSvZsEv4B0q0xEOh4c7UWEuHlemUIrzGrXxqx1cU8Gs%2FYPxBLzdPQrl8tDTFyBlYkbk5O13e%2Fv9%2F6A6yJUoUa0HicdeE6ky7c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d734561bcdac806-DUS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15751&sent=146&recv=44&lost=0&retrans=0&sent_bytes=147161&recv_bytes=2727&delivery_rate=4128686&cwnd=199&unsent_bytes=0&cid=baf35682c2d6e026&ts=433&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Wed, 23 Oct 2024 04:16:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ 124 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3213c7ab5aa5fdeb34d835435e54be9819ae567521abf8024314a6679328f6da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 259 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2909117400dcc95f99cbcc62930bce751a820266f346a6e676aa573f71e922c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 397 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9355ce152872c40c2fa028d2a36eadc01de658de7abb2d2cf810109e025b7b0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 263 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4c33bbf181535ff02bb409811a9173d5f95484b4a9d5170110fa7f718399caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 133 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5352e02c736e2181cd029f586fa15528c48655d67ce1f6112a1dc5f2a67f05ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 105 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c09d48121a480ca17dfbf6ba1c7c46a4e4a5dcfcf1e8151a3b89ba2d9e55cdf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 41 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1421de015945036cff20c4c1969c1b8e4793fabdca801cc0876062f106ea54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 227 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b75595afd2b064c9e83c7249e6df3cc87af9ea7e4cfb9f7012392f155b4b97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 36ms
29ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=143610480&post=21564&tz=2&srv=rdr-it.io&j=1%3A13.9.1&host=rdr-it.io&ref=&fcp=0&rand=0.08961056077092278
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

cache-control: no-cache
access-control-allow-origin: *
content-length: 50
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: image/gif
server: nginx

GET
DATA 200
OK truncated Show response
/ 214 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2361de8a33f0623c9d2eb30c360e0b3936159415f98e05f9554df397ae5252e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdabce9a964fc817cfbaee1b548a5e03f0a18f1fda485698d37cbbe209bf442b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 507 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 715dd35635d9cf44efe18c2b5206089554e5fc0ce857ebd6957a983aa39218bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 714ms
87ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,900%7CTomorrow:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Requested by

Host: rdr-it.io
URL: https://rdr-it.io/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

b4597f3a82c14505499b1e6456208893c19d482c77eb8bd1b81b8696c78f20ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 16:58:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 16:58:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index.php Show response
analytics.rdr-it.io/js/ 66 KB
22 KB 139ms
114ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rdr-it.io/js/index.php
Requested by: Host: rdr-it.io
URL: https://rdr-it.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlobYe6%2Ba7MPTMxcAwagtgmb8J25D4UyTMCMNkpb5lXkuLm6ZbaJehW2s6KFHi2C9KDe5%2FkLRNDaooPa5n6hQR31Pp%2BtH8CxUgxZv%2FqVmOZpBNqD%2B34SZbaB98L78Jnr6095PYqa"}],"group":"cf-nel","max_age":604800}
expires: Sat, 02 Nov 2024 16:58:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15967&sent=211&recv=56&lost=0&retrans=0&sent_bytes=225601&recv_bytes=2809&delivery_rate=4528235&cwnd=232&unsent_bytes=0&cid=baf35682c2d6e026&ts=552&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: application/javascript; charset=UTF-8
content-disposition: inline; filename=matomo.js
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 08:03:53 GMT
cache-control: public, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d7345625dd6c806-DUS
content-length: 21901
cf-apo-via: origin,host
server: cloudflare

POST
H2 204 index.php
analytics.rdr-it.io/js/ 0
448 B 82ms
80ms Ping
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rdr-it.io/js/index.php?action_name=RDR-IT%20%7C%20Tutoriels%20informatique&idsite=1&rec=1&r=097341&h=18&m=58&s=17&url=https%3A%2F%2Frdr-it.io%2F&_id=&_idn=1&send_image=0&_refts=0&pv_id=NLTevr&pf_net=429&pf_srv=96&pf_tfr=63&pf_dm1=262&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: analytics.rdr-it.io
URL: https://analytics.rdr-it.io/js/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://rdr-it.io/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: none
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUl%2BrHS639IeR5QQXYEtEODWpD%2FPFaCrEMpzJgDyu1xbutil0lsd604kW0dfC%2B1cMxr41SfhU8i9QFHzL4w%2Fz0BaSz1ttaSYtXYsQ2lAs8jId9DZI5lTLPLO4a1Ndk2705uHFxWu"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d7345636fa1c806-DUS
access-control-allow-origin: https://rdr-it.io
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15927&sent=231&recv=60&lost=0&retrans=0&sent_bytes=248261&recv_bytes=3254&delivery_rate=4528235&cwnd=232&unsent_bytes=0&cid=baf35682c2d6e026&ts=684&x=0"
date: Wed, 23 Oct 2024 16:58:17 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 1820ms
282ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,900%7CTomorrow:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 88207
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:12 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
23 KB 1586ms
84ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87633
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:46 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H2 200 WBLgrETNbFtZCeGqgR2xS2LoKQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 7 KB
7 KB 2079ms
578ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLgrETNbFtZCeGqgR2xS2LoKQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

5f23773b684c304946a4831393809d5959363c3e43872aa2b977bf5166594b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 99085
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 13:26:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:26:54 GMT
last-modified: Thu, 24 Aug 2023 20:29:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7528
x-xss-protection: 0
server: sffe

GET
H2 200 WBLirETNbFtZCeGqgRXXQwHYK-Cs.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 2052ms
551ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLirETNbFtZCeGqgRXXQwHYK-Cs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

7e4fe14de6cf169390207d78cc8eba779c9acc0d1cb542d5c4e7e11687478f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 86421
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:57:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:57:58 GMT
last-modified: Thu, 24 Aug 2023 20:29:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8156
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR0dWnXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1858ms
358ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR0dWnXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

3e0dececbc920a79861746bf091bc50f6f04332b04ec22b6962847ba5d836c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 88176
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:43 GMT
last-modified: Thu, 24 Aug 2023 20:37:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7864
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ63JPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1935ms
435ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ63JPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

999f9fe91b5ca2973b28e3b760df570979479bc6a034223a1dfa9237d180e49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:31:34 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8460
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR15WXXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 2076ms
576ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR15WXXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

3b14606f764c518dbfc8a37437a2678c57caf16794bc8bc8a1cf144e1c2946b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:37:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7908
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ8nKPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1886ms
386ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ8nKPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

8a7d88068066939567484531092d54ce9395e1ed12edba9d79c79c4ca8b44c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 86421
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:57:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:57:58 GMT
last-modified: Thu, 24 Aug 2023 20:34:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8504
x-xss-protection: 0
server: sffe

GET
H2 200 WBLmrETNbFtZCeGqgRXSe2A.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1832ms
332ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLmrETNbFtZCeGqgRXSe2A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

4ba852d7b4a7e4260c051ddd0eba9883a44468e6614cf40b5b12a08c6b249bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87693
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:36:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:36:46 GMT
last-modified: Thu, 24 Aug 2023 20:29:42 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7728
x-xss-protection: 0
server: sffe

GET
H2 200 WBLgrETNbFtZCeGqgRXXS2LoKQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 2026ms
527ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLgrETNbFtZCeGqgRXXS2LoKQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

5746db9b99f1e3d50da4bbac36bde7c3fb36f2a9ea89475ff13f596991a755a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 475931
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 04:46:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:46:08 GMT
last-modified: Thu, 24 Aug 2023 20:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8468
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR0hWHXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 7 KB
7 KB 1909ms
411ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR0hWHXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

e0cdfc24d156fa763bc02d8bf4bf2867c8ba31f9292f7da0fbfd496c9704e6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 88176
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:43 GMT
last-modified: Thu, 24 Aug 2023 20:37:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7564
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ5HLPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1972ms
474ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ5HLPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

cfe24a1d92d6568e09f99bf3814aab2fc0422ca1000a990bdb83987d36205890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:43:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8240
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR0NX3XPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1752ms
254ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR0NX3XPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

ade3ebe87804b9ade662372ad32cc6ee0c99c09126e0b87ce9b78bc2908bae89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 88408
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:24:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:24:51 GMT
last-modified: Thu, 24 Aug 2023 20:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7924
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ73MPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 1883ms
385ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ73MPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

e7774d8029fcd307bc95e3670c69910205d8ca4f338d7c6a84fff9743981e783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:19:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8196
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR1pXnXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 7 KB
8 KB 1750ms
253ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR1pXnXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

1a5bb8d781cc4e2023c9e453482fe75fdd4d27d3f3e1d5b1237c29f07fca7b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 88829
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:17:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:17:50 GMT
last-modified: Thu, 24 Aug 2023 20:59:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7600
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ9nNPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 2182ms
685ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ9nNPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

a455690cebf579abdfa34150931f484c2ee24b20a8726fc8ccca12c5e5bb0892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:42:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8116
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR11XXXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
8 KB 2126ms
629ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR11XXXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

29ac1dacf63f1962164b48976b2f77edc5448d666d08c4a832c6a1c3ddd49964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87992
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:31:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:31:47 GMT
last-modified: Thu, 24 Aug 2023 20:42:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8028
x-xss-protection: 0
server: sffe

GET
H2 200 WBLjrETNbFtZCeGqgRXXQ8XOPMeJjQ.woff2
fonts.gstatic.com/s/tomorrow/v17/ 8 KB
9 KB 1914ms
418ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLjrETNbFtZCeGqgRXXQ8XOPMeJjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

372cd323ba59a934ce4440fd2fd2297e36793a07f65c2eeb3367247e70b4d183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 87628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:37:51 GMT
last-modified: Thu, 24 Aug 2023 20:29:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8652
x-xss-protection: 0
server: sffe

GET
H2 200 WBLhrETNbFtZCeGqgR1RXHXPDMU.woff2
fonts.gstatic.com/s/tomorrow/v17/ 6 KB
7 KB 1854ms
357ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tomorrow/v17/WBLhrETNbFtZCeGqgR1RXHXPDMU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

a9bd7364dd659018d4e187e7f1d9a9464fffd34c712c9de079bf28c2ca53476f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rdr-it.io
Referer: https://fonts.googleapis.com/

Response headers

age: 86421
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:57:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:57:58 GMT
last-modified: Thu, 24 Aug 2023 20:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6616
x-xss-protection: 0
server: sffe

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/ 433 KB
145 KB 1804ms
181ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5403661759056954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d59ef65e001963d7035c460f7d40dd1d25f5d2de2029182eda86433b4342e03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: br
etag: 12242457973402300186
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 16:58:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 23 Oct 2024 16:58:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147586
x-xss-protection: 0
server: cafe

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/ Frame 77EE 0
0 733ms
79ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:29:17 GMT
etag: 13108003645644964576
expires: Wed, 06 Nov 2024 16:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5BA2 0
0 1641ms
993ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729657814&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Frdr-it.io%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698179&bpp=5&bdt=1152&idt=2310&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5918044542583&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 145121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:58:22 GMT
expires: Wed, 23 Oct 2024 16:58:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 67FB 0
0 1114ms
597ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=200&slotname=8193165344&adk=2610475486&adf=3253741200&pi=t.ma~as.8193165344&w=1200&abgtt=6&fwrn=4&lmt=1729657814&rafmt=11&format=1200x200&url=https%3A%2F%2Frdr-it.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698184&bpp=1&bdt=1157&idt=2395&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5918044542583&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=2410

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45195
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:58:21 GMT
expires: Wed, 23 Oct 2024 16:58:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F3A6 0
0 1182ms
672ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=200&slotname=8193165344&adk=3793996982&adf=3525382714&pi=t.ma~as.8193165344&w=813&abgtt=6&fwrn=4&lmt=1729657814&rafmt=11&format=813x200&url=https%3A%2F%2Frdr-it.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698185&bpp=1&bdt=1158&idt=2416&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=5918044542583&frm=20&pv=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2419

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:58:21 GMT
expires: Wed, 23 Oct 2024 16:58:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E6B2 0
0 842ms
337ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5403661759056954&output=html&h=250&slotname=8602917471&adk=3962129987&adf=3568199560&pi=t.ma~as.8602917471&w=300&abgtt=6&lmt=1729657814&format=300x250&url=https%3A%2F%2Frdr-it.io%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729702698186&bpp=1&bdt=1158&idt=2430&shv=r20241021&mjsv=m202410210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x200%2C813x200&nras=1&correlator=5918044542583&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759876%2C44759927%2C31087700%2C31088190%2C95344189%2C95345270%2C31088289%2C95344978&oid=2&pvsid=1063292819222612&tmod=497684035&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=2434

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:58:21 GMT
expires: Wed, 23 Oct 2024 16:58:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/ 178 KB
60 KB 180ms
179ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/reactive_library_fy2021.js?bust=31088289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7aacf287013e886365980a1ee384ae8f6c021365f93604e45782fb0296d60354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: br
etag: 3510941106911896164
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 16:58:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 23 Oct 2024 16:58:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60994
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-5403661759056954 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 1011ms
136ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5403661759056954?href=https%3A%2F%2Frdr-it.io&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

325a59a073b0ecfc4633e2d8066f24510ef99d661c1878c8f57ed19a46b20071

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TEAMREG2FuoVKibhza7qfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:58:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBzrrz3ZwSZw4OyqKUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRoZ6BobxBQYA4OdJRQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TEAMREG2FuoVKibhza7qfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST AGSKWxWL2R33d8vVRyfm-K6vBanLDWdjXheSLtzZH35KxNLUhXVEEzcuEpEWD5pV70Jxwu9pOjo922lyR_DpeLfqSiad8iW6Kyz-O0UMQaSaiZk6b_MI3he_uCLUEoQHTClGbf-egiR6gQ==
fundingchoicesmessages.google.com/el/ 0
0

GET
H2 200 AGSKWxVpyYAJ0awxwMcT_DtFF3SU4pfPnOf3kjw_b6SS2IuhmoTZABYPVl5BVkkZIBLQcX3NO2xZ0Mj5VadN4CvUnLWxuXR0OPzfZurIynVOdW8DGIRnQIrZ_rX2CRQ2ys0Rrg3kDsPmCg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 132ms
124ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVpyYAJ0awxwMcT_DtFF3SU4pfPnOf3kjw_b6SS2IuhmoTZABYPVl5BVkkZIBLQcX3NO2xZ0Mj5VadN4CvUnLWxuXR0OPzfZurIynVOdW8DGIRnQIrZ_rX2CRQ2ys0Rrg3kDsPmCg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NzAyNzA0LDE5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZHItaXQuaW8vIixudWxsLFtbOCwiSVZBWDlhcGJfNmsiXSxbOSwiaXQiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0NDkxXSwyLDddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

eb92b21ab29f54a90db7fb9ce23f2935ed357b5ae358a2bdfcd48ffcbcabd42a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XgV93ZjxmDDaXhh3_fgIVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdr-it.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:58:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBwbrj3ZwSbwYduLiYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRoZ6BobxBQYA8gVJnA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XgV93ZjxmDDaXhh3_fgIVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/ Frame 9578 0
0

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/ Frame 44ED 0
0 17ms
17ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:29:17 GMT
etag: 13108003645644964576
expires: Wed, 06 Nov 2024 16:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/ Frame 06C1 0
0 12ms
12ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:29:17 GMT
etag: 13108003645644964576
expires: Wed, 06 Nov 2024 16:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/ Frame 4B6A 0
0 15ms
15ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410210101/show_ads_impl_fy2021.js?bust=31088289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdr-it.io/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 16:29:17 GMT
etag: 13108003645644964576
expires: Wed, 06 Nov 2024 16:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET AGSKWxV4u0edBF1pRm4q1RjGJ9XYBthwnwJ2lcv_kVzm9vUcsRLdgPGASWKRBgTrMdYCi8Eg-vVfFpZsVWhy9Ga7M8qqEQkTxDg57nSIlkWK11ENJKopjLvFV0Zd-_hYyA7kO1ofYb3dRA==
fundingchoicesmessages.google.com/f/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxWL2R33d8vVRyfm-K6vBanLDWdjXheSLtzZH35KxNLUhXVEEzcuEpEWD5pV70Jxwu9pOjo922lyR_DpeLfqSiad8iW6Kyz-O0UMQaSaiZk6b_MI3he_uCLUEoQHTClGbf-egiR6gQ==

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20241021/r20190131/zrt_lookup_fy2021.html

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxV4u0edBF1pRm4q1RjGJ9XYBthwnwJ2lcv_kVzm9vUcsRLdgPGASWKRBgTrMdYCi8Eg-vVfFpZsVWhy9Ga7M8qqEQkTxDg57nSIlkWK11ENJKopjLvFV0Zd-_hYyA7kO1ofYb3dRA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NzAyNzA0LDY4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmRyLWl0LmlvLyIsbnVsbCxbWzgsIklWQVg5YXBiXzZrIl0sWzksIml0Il0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDQ5MV0sMiw3XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rdr-it.io/	1970-01-21 09:13:58	Name: pll_language Value: fr
.rdr-it.io/	1970-01-21 09:49:58	Name: __gads Value: ID=b1ac1f5fd821d38c:T=1729702701:RT=1729702701:S=ALNI_MY3UDi3sCla0wXToB8ivbezTN7Pcg
.rdr-it.io/	1970-01-21 09:49:58	Name: __gpi Value: UID=00000f133b12f064:T=1729702701:RT=1729702701:S=ALNI_MYlcseilWKya5ZdeEJhAmhCMv_V6g
.rdr-it.io/	1970-01-21 04:47:34	Name: __eoi Value: ID=c952cd84d5ebb7b2:T=1729702701:RT=1729702701:S=AA-AfjbI91gCyW3LwllZivo0Y2w4
.doubleclick.net/	1970-01-21 10:04:22	Name: IDE Value: AHWqTUmz0Xudb2w5p1aSts3loag3ROhjeexUdAZ6F3f_YSClmS4ClGupZKWy10tcE3Y
.doubleclick.net/	1970-01-21 00:28:23	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-21 02:37:58	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.rdr-it.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
rdr-it.io
stats.wp.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
142.250.185.67
142.250.186.162
142.250.186.34
142.250.186.78
142.250.74.202
188.114.96.3
192.0.76.3
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
1a5bb8d781cc4e2023c9e453482fe75fdd4d27d3f3e1d5b1237c29f07fca7b8e
2283d9291a3d8f63719da402651c140a59dcf1cdc2f966feb2c9a972987d990f
2909117400dcc95f99cbcc62930bce751a820266f346a6e676aa573f71e922c0
29ac1dacf63f1962164b48976b2f77edc5448d666d08c4a832c6a1c3ddd49964
3213c7ab5aa5fdeb34d835435e54be9819ae567521abf8024314a6679328f6da
325a59a073b0ecfc4633e2d8066f24510ef99d661c1878c8f57ed19a46b20071
372cd323ba59a934ce4440fd2fd2297e36793a07f65c2eeb3367247e70b4d183
3b14606f764c518dbfc8a37437a2678c57caf16794bc8bc8a1cf144e1c2946b0
3e0dececbc920a79861746bf091bc50f6f04332b04ec22b6962847ba5d836c2a
46d9a56d35c0cfa57df78de2da661b27ebf6c8de6c215c08813febb77f30c2f0
4793dfc130157d4abf2ba3c45858fe24bd85343935ac9c4d07f4a5cbfc03d343
4ba852d7b4a7e4260c051ddd0eba9883a44468e6614cf40b5b12a08c6b249bb6
4be02dc890ad5ef26509a9c31eb3d88f209e20915807e03b00b0043d4dd1ba00
5352e02c736e2181cd029f586fa15528c48655d67ce1f6112a1dc5f2a67f05ab
5746db9b99f1e3d50da4bbac36bde7c3fb36f2a9ea89475ff13f596991a755a3
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5f23773b684c304946a4831393809d5959363c3e43872aa2b977bf5166594b26
68b75595afd2b064c9e83c7249e6df3cc87af9ea7e4cfb9f7012392f155b4b97
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
715dd35635d9cf44efe18c2b5206089554e5fc0ce857ebd6957a983aa39218bd
7aacf287013e886365980a1ee384ae8f6c021365f93604e45782fb0296d60354
7e4fe14de6cf169390207d78cc8eba779c9acc0d1cb542d5c4e7e11687478f61
8a7d88068066939567484531092d54ce9395e1ed12edba9d79c79c4ca8b44c41
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9355ce152872c40c2fa028d2a36eadc01de658de7abb2d2cf810109e025b7b0a
999f9fe91b5ca2973b28e3b760df570979479bc6a034223a1dfa9237d180e49f
a2361de8a33f0623c9d2eb30c360e0b3936159415f98e05f9554df397ae5252e
a455690cebf579abdfa34150931f484c2ee24b20a8726fc8ccca12c5e5bb0892
a4c33bbf181535ff02bb409811a9173d5f95484b4a9d5170110fa7f718399caf
a9bd7364dd659018d4e187e7f1d9a9464fffd34c712c9de079bf28c2ca53476f
ade3ebe87804b9ade662372ad32cc6ee0c99c09126e0b87ce9b78bc2908bae89
b4597f3a82c14505499b1e6456208893c19d482c77eb8bd1b81b8696c78f20ee
c09d48121a480ca17dfbf6ba1c7c46a4e4a5dcfcf1e8151a3b89ba2d9e55cdf3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdabce9a964fc817cfbaee1b548a5e03f0a18f1fda485698d37cbbe209bf442b
cfe24a1d92d6568e09f99bf3814aab2fc0422ca1000a990bdb83987d36205890
d3e486101d5be08961d3960e0bf54bcce846e5aa8e1e7f3e6745d788d57b5201
d59ef65e001963d7035c460f7d40dd1d25f5d2de2029182eda86433b4342e03c
e0cdfc24d156fa763bc02d8bf4bf2867c8ba31f9292f7da0fbfd496c9704e6f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7774d8029fcd307bc95e3670c69910205d8ca4f338d7c6a84fff9743981e783
eb92b21ab29f54a90db7fb9ce23f2935ed357b5ae358a2bdfcd48ffcbcabd42a
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fb1421de015945036cff20c4c1969c1b8e4793fabdca801cc0876062f106ea54

rdr-it.io Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

0 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

776 kBTransfer

2052 kBSize

7 Cookies

14 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rdr-it.io Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

776 kB
Transfer

2052 kB
Size

7
Cookies

45 HTTP transactions
14 data transactions