rustygriswold.ca Open in urlscan Pro
104.16.205.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustygriswold.ca/
Submission Tags: phishingrod
Submission: On December 04 via api (December 4th 2023, 3:40:44 am UTC) from DE — Scanned from CA

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 50 HTTP transactions. The main IP is 104.16.205.47, located in and belongs to CLOUDFLARENET, US. The main domain is rustygriswold.ca.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.

This is the only time rustygriswold.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.16.205.47 104.16.205.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
7	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
2	172.253.122.102 172.253.122.102	15169 (GOOGLE) (GOOGLE)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
16	172.253.63.113 172.253.63.113	15169 (GOOGLE) (GOOGLE)
3	172.253.63.132 172.253.63.132	15169 (GOOGLE) (GOOGLE)
1	172.253.122.147 172.253.122.147	15169 (GOOGLE) (GOOGLE)
50	12

14 104.16.205.47 (None, )

ASN13335 (CLOUDFLARENET, US)

rustygriswold.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.253.63.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f113.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com analytics.google.com — Cisco Umbrella Rank: 152 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	73 KB
14	rustygriswold.ca rustygriswold.ca	518 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	237 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	152 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9252	408 B
50	7

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	rustygriswold.ca	rustygriswold.ca
7	pagead2.googlesyndication.com	rustygriswold.ca pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	rustygriswold.ca www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.google.ca	rustygriswold.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
50	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
rustygriswold.ca GTS CA 1P5	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://rustygriswold.ca/
Frame ID: 772E0E63FEEAAA0E918FE2B06A885972
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 13469D72B52C014D87AD4CEF584EE036
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1701645282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701661239444&bpp=6&bdt=311&idt=253&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1098517009396&frm=20&pv=2&ga_vid=635784424.1701661240&ga_sid=1701661240&ga_hid=1694997873&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=934574766788239&tmod=1666351232&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=285
Frame ID: CF4A92181E613C49ABD182DA138128A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 181920FB375DFBE184834A85A1F0D0CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64C913A079AACD620CF9542B7506F98A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rusty Griswold Light Display – Illuminating your holidays with pixel lights, articles, tools, and recipes.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

50
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

12
IPs

2
Countries

1012 kB
Transfer

2580 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/rustygriswoldlights

Search URL Search Domain Scan URL

URL: https://twitter.com/iMike_M

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rustygriswold.ca/ 148 KB
26 KB 132ms
72ms Document
text/html 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.18

Resource Hash

fc36d0d674bed07144b265bd01032efa79d9dfa6fb49fd2cd54634af76ffdff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 830107782b4836d4-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 03:40:39 GMT
last-modified: Sun, 03 Dec 2023 23:14:42 GMT
server: cloudflare
vary: Accept-Encoding
wpo-cache-status: cached
x-content-type-options: nosniff
x-nginx-cache-status: MISS
x-powered-by: PHP/8.1.18
x-xss-protection: 1; mode=block

GET
H2 200 wpo-minify-header-9fa82c00.min.css
rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/ 407 KB
54 KB 56ms
54ms Stylesheet
text/css 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-header-9fa82c00.min.css

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72a82c7a8d3d5fe475c7b8aa9a93c8f5f3b043208da3a1381d336babbcd019a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 03 Dec 2023 22:50:19 GMT
server: cloudflare
age: 17420
vary: Accept-Encoding
content-type: text/css
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 83010778ac3e36d4-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 02 Jan 2024 22:50:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 130ms
53ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

75d782eb268cf4509a11fcb25efcb77e7d1366d83243dee564a8855ebf92d020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64920
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 03:40:39 GMT

GET
H3 200 wpo-minify-header-375e11ff.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/ 99 KB
35 KB 49ms
48ms Script
application/javascript 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-header-375e11ff.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d9dd9b75c5ea59734b6971b9a26a7be846d9b72481e0314ec304fe58706a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 03 Dec 2023 13:54:33 GMT
server: cloudflare
age: 49562
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 83010779388aa20a-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 02 Jan 2024 13:54:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
53 KB 141ms
64ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

69e95d03f45ef3698fa21790c3882b0d085b7b8c86ef05e711e74f8ac7d5c413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Origin: https://rustygriswold.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53975
x-xss-protection: 0
server: cafe
etag: 9514280670999970619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 03:40:39 GMT

GET
H2 200 TransparentLogo.png
rustygriswold.ca/wp-content/uploads/2023/01/ 50 KB
50 KB 54ms
54ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321ccc756dc8930f4f8e1549ec7229584fe0e6eab18a6e86562c63ccb7c0034b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202747
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 50882
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:37:44 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 83010778cc7d36d4-YYZ
expires: Tue, 30 Jan 2024 18:35:09 GMT

GET
H3 200 wpo-minify-footer-7f6a2b53.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/ 128 KB
37 KB 88ms
87ms Script
application/javascript 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-footer-7f6a2b53.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef959b8e4d82790e3685290de1a023273299cb5cb5ba2b960aec21f2ab7d51ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 03 Dec 2023 22:04:59 GMT
server: cloudflare
age: 20140
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 83010779388da20a-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 02 Jan 2024 22:04:59 GMT

GET
H3 200 wpo-minify-footer-f2511914.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/ 70 KB
22 KB 108ms
108ms Script
application/javascript 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-footer-f2511914.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3d79f2e6de3d82d0c456f4d63944c8c337a3ec070baf00cbde1a96a74ab232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 03 Dec 2023 22:04:59 GMT
server: cloudflare
age: 20140
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 830107793890a20a-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 02 Jan 2024 22:04:59 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 TransparentLogo-Copy-1-1024x318.png
rustygriswold.ca/wp-content/uploads/2023/01/ 33 KB
33 KB 70ms
69ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo-Copy-1-1024x318.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58638
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 33460
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 17:16:49 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 830107797910a20a-YYZ
expires: Thu, 01 Feb 2024 11:23:21 GMT

GET
H3 200 142.73fc89c782d19aef54a4.js Show response
rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 41ms
41ms Script
application/javascript 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/themes/blocksy/static/bundle/142.73fc89c782d19aef54a4.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-footer-7f6a2b53.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618c8c93268762da273370c7b2da4783a811b26d1f1ad9f3970445e5c153405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 13:37:46 GMT
server: cloudflare
age: 205530
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 83010779f9e9a20a-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 31 Dec 2023 18:35:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
37ms Script
text/javascript 172.253.122.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 02:42:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3464
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 04:42:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 54ms
53ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ebc88bc6d341557e68f8428d4a4cfd0e221dbca96be9bd6344c822783ef02c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 03:40:39 GMT

GET
H3 200 rusty2022-1024x768.png
rustygriswold.ca/wp-content/uploads/2023/01/ 229 KB
229 KB 44ms
43ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/rusty2022-1024x768.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b23d759a6b477abee500b8486249ee8d329b9ee9f0e4f2fdaca0d2f2de00a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202747
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 234128
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:34:16 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8301077a2a3fa20a-YYZ
expires: Tue, 30 Jan 2024 19:21:32 GMT

GET
H3 200 chch-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 6 KB
6 KB 38ms
37ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/chch-150x150.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 205193
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5638
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:13 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8301077a2a42a20a-YYZ
expires: Tue, 30 Jan 2024 18:40:46 GMT

GET
H3 200 output-onlinejpgtools-2-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 8 KB
8 KB 39ms
38ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/output-onlinejpgtools-2-150x150.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 118945
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8100
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:43 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8301077a2a43a20a-YYZ
expires: Wed, 31 Jan 2024 18:38:14 GMT

GET
H3 200 ctvtoronto-300x169.png
rustygriswold.ca/wp-content/uploads/2023/01/ 9 KB
9 KB 36ms
35ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/ctvtoronto-300x169.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 119078
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9040
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:20 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8301077a2a44a20a-YYZ
expires: Wed, 31 Jan 2024 18:36:01 GMT

GET
H3 200 BurlingtonToday.com-Logo.jpg
rustygriswold.ca/wp-content/uploads/2023/01/ 7 KB
7 KB 80ms
80ms Image
image/webp 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/BurlingtonToday.com-Logo.jpg

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 205193
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7054
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:34 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8301077a2a48a20a-YYZ
expires: Tue, 30 Jan 2024 18:40:46 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 1 KB
857 B 46ms
45ms Script
application/javascript 104.16.205.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1701611448/assets/wpo-minify-footer-7f6a2b53.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.205.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168b0b3e4dad8dd251775a64bfd2eaaa3fec94b04971043eebc16665757ab151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 14:27:43 GMT
server: cloudflare
age: 205194
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8301077a6a92a20a-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 31 Dec 2023 18:40:45 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
134 KB 156ms
81ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

06dd569c0a66536ae58f9a1b97665ae0746275ff77d0d727d81d456cab53e0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137633
x-xss-protection: 0
server: cafe
etag: 4701372086334965694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 03:40:39 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 1346 9 KB
4 KB 118ms
39ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 26483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 20:19:16 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 20:19:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 103ms
41ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7TKVW5VVYW&gtm=45je3bt0v873983712&_p=1701661239221&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=635784424.1701661240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701661239&sct=1&seg=0&dl=https%3A%2F%2Frustygriswold.ca%2F&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 03:40:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 129ms
47ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7TKVW5VVYW&cid=635784424.1701661240&gtm=45je3bt0v873983712&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 03:40:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 132ms
50ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKVW5VVYW&cid=635784424.1701661240&gtm=45je3bt0v873983712&aip=1&dma=0&gcd=11l1l1l1l1&z=1478128016

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 46ms
45ms XHR
text/plain 172.253.122.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1694997873&t=pageview&_s=1&dl=https%3A%2F%2Frustygriswold.ca%2F&ul=en-us&de=UTF-8&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1847172893&gjid=454384160&cid=635784424.1701661240&tid=UA-184577474-1&_gid=193792591.1701661240&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1327299953

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 03:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF4A 18 KB
6 KB 851ms
850ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1701645282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701661239444&bpp=6&bdt=311&idt=253&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1098517009396&frm=20&pv=2&ga_vid=635784424.1701661240&ga_sid=1701661240&ga_hid=1694997873&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=934574766788239&tmod=1666351232&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=285

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

37cb4bd23f9e7b29ab78250451e38cb6750511009ef817457c8455474b489e53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5838
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:40:40 GMT
expires: Mon, 04 Dec 2023 03:40:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-5452915446355382 Show response
fundingchoicesmessages.google.com/i/ 176 KB
59 KB 155ms
73ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5452915446355382?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

7dafe9777d9604fa6b3b5613a04d7a7454767b325132625e4c635ebc344af2e0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4G7i-BBr4HkUj_h5jkINvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4G7i-BBr4HkUj_h5jkINvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWvNf6rKCsyqvhk3Ic8LHXu6MfnzljeIXNSnFMb5ahnMj2Tt8CXfcNe4P9cZzo7Beju1ryfILhNDeugCXdDsqIcEE5ggqhVCITGqci44t3lHY-YFjRDoar8oAHaqEASxYcdA8XM1Q== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 78ms
77ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWvNf6rKCsyqvhk3Ic8LHXu6MfnzljeIXNSnFMb5ahnMj2Tt8CXfcNe4P9cZzo7Beju1ryfILhNDeugCXdDsqIcEE5ggqhVCITGqci44t3lHY-YFjRDoar8oAHaqEASxYcdA8XM1Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYxMjQwLDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

b36ab21c83ff993e3f53c250c137762af31965416b3b3a997ea681ed00035e39

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NNvJA1dt9l65DSli2sYU2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NNvJA1dt9l65DSli2sYU2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

5b4a66d146b732a08e46a367d1232c30b2392115df03f04862b09e8440888d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12192
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 119ms
40ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 03:40:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1819 13 KB
5 KB 40ms
39ms Document
text/html 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 8815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 01:13:46 GMT
expires: Tue, 03 Dec 2024 01:13:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 64C9 829 B
1 KB 944ms
57ms Document
text/html 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

66895d6ebe0a910da1d7f17e246143ce1934ca5eb1913b94e321c566046d3994

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YYDYGHeEM0x8y2cRv2bcWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YYDYGHeEM0x8y2cRv2bcWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:40:42 GMT
expires: Mon, 04 Dec 2023 03:40:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1819 39 KB
15 KB 38ms
38ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 02:16:56 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 1819 0
40 B 38ms
37ms Image
text/plain 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7oNwGA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 77ms
76ms Image
image/gif 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.6594862900183314

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rY7HhE6k_F6BytPWhBoNNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-rY7HhE6k_F6BytPWhBoNNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 57ms
56ms Image
image/gif 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.995362663599239

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zHP5G3lj54ZWBt7gaTxnQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zHP5G3lj54ZWBt7gaTxnQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 64C9 0
0 94ms
94ms Image
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=934574766788239&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 132ms
54ms XHR
text/html 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZvBwYraZ1hPjMziD50YSHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZvBwYraZ1hPjMziD50YSHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
100ms Image
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=934574766788239&bg=!Z2SlZCvNAAY3kmNgF5I7ADQBe5WfOFpXCEh5WXrj0CP5lUUWZRrnIlM1AE5H6ih5DsMhFFIR9IZFwsY0RdWBRfiCqSvyAgAAAyVSAAAAA2gBB5kCtmtt0bUejNCnJpjAgmUB3bxf1zv9-80wNQMbwL3hL4o1hplZoYQyOjaE3i6EIIeMEihwg3n62LGbjKNB5l9aCYx_lnYcSVWmOV5ws3bL6Sp70nmOOuzqouKY5aeuMxg5uXwzA8UIqOmxPYWmwY2KSdGPr4PPpCBry3C8v-86B2hQwTUes4R1IcE4mUmRt0hN5shoU9T4UOl_gzn3MUhcQPsLoVz3YKG_leBUbLGTwunRuahFEJu4fz-OrjQHVBq68gXXtL4MKKbhvK_ZpBdmmQQNMj18NMKgQ5M5zW-zu5Q89ZbwXVu5rHGlz08A3GvnrhjfWI3OzeqbtE8W31Z_XjAg2uePKSEQXBAj3howEyGc8PZIN8fRveQrFRsXk1c3ko9mqFsCv_OTpqW31SnsYT5m0EAmORu4hnLZRmi3NngOBV4g4GyzleKt0pvyaDw9OTjsj-ClpNDtJq1PXEd8jVOIDf1bTIf5BxMiEh-gHxTp0WokHi6tuxq-Y6xIjLi_ie28kIEJbXHkLM8ai08f8JI9QsMdLeQZUYas9WtfXKvOhtcUmQafedcocXipCBrgxwLhlrm-cNorMclH-gpIUXVT5_PfNNObxmgdF61AP2oiST94KNyVCKfbG5jKbna7Xnp7QonrY78MfHVEKOUm6J9YIRiX0DO20sYrErJP5vpyP8UP1eT-nNUi8qy0tP9yyJpeYrHUGXUhEcuA5XgyPPhF0N3SX5ohtRYaKAMoyi10lHWlCivfwOG6ECUH_dXsIWH4QSLJJoClAPxuNCohtps_-fvkrDDJkPA8GKK84OFSbI158zUFWqzUaQWCxeyhYFRYdkxAxnr624aRDnPw9P9-AmrxTi4s41p0MWiXpQvwUiMLBmMB9cv6CNxYjrjsFsOIC_t_HheKB229L36Jil5UyRJrRtY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 rgads.&adstrade= Show response
fundingchoicesmessages.google.com/f/AGSKWxV2ivPGvtW0LOv_HERgrroC-KJOakBm36dPE2_eLBbi3v5X_D7MGxrFDWERucrZd8aIndRKI0PldQ8fvF50XZAY91U5GuBoF0zGhog4UJPhso42VcwMqNsyaKFu3eYIxsLCeK6ASJHuZMfwaVANMwvX8cSUP... 54 B
109 B 57ms
56ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV2ivPGvtW0LOv_HERgrroC-KJOakBm36dPE2_eLBbi3v5X_D7MGxrFDWERucrZd8aIndRKI0PldQ8fvF50XZAY91U5GuBoF0zGhog4UJPhso42VcwMqNsyaKFu3eYIxsLCeK6ASJHuZMfwaVANMwvX8cSUPuZxwk6rosm00ncmDSti4h-1HimV-Vdc/_/top_ads_/vericaladtitle./game-ads./rgads.&adstrade=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzufRugCfZ2QricSdnhl71g5NspTQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

d1b6fc7f60802accd7f3de1a869f4f2dc570e98e119561cc9fcaa11ec7b6fe14

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0AYFNvu80t5s7ZDlkiywYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0AYFNvu80t5s7ZDlkiywYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 39ms
38ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

6ce905072505aac215cab5bc80d4d9f950b3de59d558b7a5d68d2718e0263e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11374
x-xss-protection: 0
server: cafe
etag: 663686755502650751
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:07:51 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h2hvG887DZc8IZZ8AMKrlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-h2hvG887DZc8IZZ8AMKrlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LR5Bsjs8I0zWlgkP53ww8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-LR5Bsjs8I0zWlgkP53ww8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eMbQ_2KOZeJ9CPfbqF5uIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eMbQ_2KOZeJ9CPfbqF5uIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yL-Fbke_X8OujTs6QYrN8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-yL-Fbke_X8OujTs6QYrN8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWM0yxbrfsFL0p_HzYoNfDD3aP8OIwVmqiULd_1gTfX-HM2ATaysbIUSN8fpSB2CPKPDrw3p8RnTG5oIzxv6k9-ZS4qns_LBqsSph9of_w3ltX-BlWB849vKWb8HCr_WCvw7mQ9dQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 65ms
65ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWM0yxbrfsFL0p_HzYoNfDD3aP8OIwVmqiULd_1gTfX-HM2ATaysbIUSN8fpSB2CPKPDrw3p8RnTG5oIzxv6k9-ZS4qns_LBqsSph9of_w3ltX-BlWB849vKWb8HCr_WCvw7mQ9dQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYxMjQyLDczNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

8c6f6a2e0a96b750aec54d84f852199421abd8f7620dc9c1f5a412e5ea5db7f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fhsL6d2GU2EFRPTOr-xZYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-fhsL6d2GU2EFRPTOr-xZYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q68BYTQoLq7T6MdIYLZG2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-q68BYTQoLq7T6MdIYLZG2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUMbHQLG-HAIWMFoXDrkT4BtokWmzo0XD_djCn_PK_9HIetSEppYeCMuUV86Og3nQY6sHSvLNoH1hIaULQj9fT2ZU7c9Wa5GXKG88wFj3_9jmO1iLmSmpLIINmxdArDIcHhv0hNjg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 72ms
71ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUMbHQLG-HAIWMFoXDrkT4BtokWmzo0XD_djCn_PK_9HIetSEppYeCMuUV86Og3nQY6sHSvLNoH1hIaULQj9fT2ZU7c9Wa5GXKG88wFj3_9jmO1iLmSmpLIINmxdArDIcHhv0hNjg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYxMjQyLDgwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

c0eb515bbd9d2aafe43bd231d05fd4df4081ddc5623d3df89a3fe39fbfe04a47

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jkgp6OG3DIBWLYCQZ1o0tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jkgp6OG3DIBWLYCQZ1o0tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX1S2mRIcgLoqIPd46MHNaDZEPya8Gnaq2NxQDalKifojBkdvFPg1SCiozImwJmt0y1gI0AIa8amKRlwhLKglJmShLP4NxGy9Yt9N0a5oob-5Rm-wm95zGDKH8yYPEhwu4EudG3XA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 78ms
77ms Script
application/javascript 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1S2mRIcgLoqIPd46MHNaDZEPya8Gnaq2NxQDalKifojBkdvFPg1SCiozImwJmt0y1gI0AIa8amKRlwhLKglJmShLP4NxGy9Yt9N0a5oob-5Rm-wm95zGDKH8yYPEhwu4EudG3XA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYxMjQyLDg4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

685455a08ec650910655547be269b3430881eaa77c576858bdf7baa41ee20de3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aa3DsKU_M67G-NkaY3WoyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aa3DsKU_M67G-NkaY3WoyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWdRhjgZ6wE_wTsbLXY192xVpKcPLj_KYCe8NEzEN0dkPknSrrC8l7sG3KROwgItPVWO85jLNpqz-38LuwPLNWEYwRRhfwlp4YuRtM7S65JYygaHE0aJLb-QGcBo7kicvxshm3jOg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
56ms XHR
text/html 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWdRhjgZ6wE_wTsbLXY192xVpKcPLj_KYCe8NEzEN0dkPknSrrC8l7sG3KROwgItPVWO85jLNpqz-38LuwPLNWEYwRRhfwlp4YuRtM7S65JYygaHE0aJLb-QGcBo7kicvxshm3jOg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WrIHp4uOW5_N8ZmZ9iU1hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-WrIHp4uOW5_N8ZmZ9iU1hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIgXpANTvDiTJD_sBSh35V4EULQ64oJl0ShB6ZjPuteiELFvJKcc38dCJ1cJhnWggRYeGfE539nKtjyqnplJTrr_Wn-ruXYTbe1rAHDNcmaCUPnp5X65dAHkRzeyhlNbniWuxpxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qEbLjNTt7-93XhjSV9uObg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 03:40:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qEbLjNTt7-93XhjSV9uObg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rustygriswold.ca/	1970-01-21 02:17:01	Name: _ga_7TKVW5VVYW Value: GS1.1.1701661239.1.0.1701661239.60.0.0
.rustygriswold.ca/	1970-01-21 02:17:01	Name: _ga Value: GA1.2.635784424.1701661240
.rustygriswold.ca/	1970-01-20 16:42:27	Name: _gid Value: GA1.2.193792591.1701661240
.rustygriswold.ca/	1970-01-20 16:41:01	Name: _gat_gtag_UA_184577474_1 Value: 1
.doubleclick.net/	1970-01-20 16:41:02	Name: test_cookie Value: CheckForPermission
.rustygriswold.ca/	1970-01-21 01:26:37	Name: FCNEC Value: %5B%5B%22AKsRol-Ba73LeWjMH2lfa-mjGpyznEDfzopjytqqXZY5nI5H7y0Q8Rx0-tu7df6mECw7Ae8FustUA0GNhEcyVgMD10xJJ_yoS0T5bilkFxhnnCCZk0tiHQhaijpC3Np7UASV3dK9be4UaQy-6kyUTNIuGbXxKaJshw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rustygriswold.ca
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
104.16.205.47
142.250.31.155
142.250.31.94
142.251.111.97
142.251.163.155
172.253.115.155
172.253.122.102
172.253.122.147
172.253.63.113
172.253.63.132
216.239.36.181
06dd569c0a66536ae58f9a1b97665ae0746275ff77d0d727d81d456cab53e0e5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
168b0b3e4dad8dd251775a64bfd2eaaa3fec94b04971043eebc16665757ab151
1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
321ccc756dc8930f4f8e1549ec7229584fe0e6eab18a6e86562c63ccb7c0034b
37cb4bd23f9e7b29ab78250451e38cb6750511009ef817457c8455474b489e53
3b3d79f2e6de3d82d0c456f4d63944c8c337a3ec070baf00cbde1a96a74ab232
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4a66d146b732a08e46a367d1232c30b2392115df03f04862b09e8440888d5a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66895d6ebe0a910da1d7f17e246143ce1934ca5eb1913b94e321c566046d3994
685455a08ec650910655547be269b3430881eaa77c576858bdf7baa41ee20de3
69e95d03f45ef3698fa21790c3882b0d085b7b8c86ef05e711e74f8ac7d5c413
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce905072505aac215cab5bc80d4d9f950b3de59d558b7a5d68d2718e0263e11
6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218
72a82c7a8d3d5fe475c7b8aa9a93c8f5f3b043208da3a1381d336babbcd019a3
75d782eb268cf4509a11fcb25efcb77e7d1366d83243dee564a8855ebf92d020
7dafe9777d9604fa6b3b5613a04d7a7454767b325132625e4c635ebc344af2e0
8b23d759a6b477abee500b8486249ee8d329b9ee9f0e4f2fdaca0d2f2de00a74
8c6f6a2e0a96b750aec54d84f852199421abd8f7620dc9c1f5a412e5ea5db7f4
96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719
b36ab21c83ff993e3f53c250c137762af31965416b3b3a997ea681ed00035e39
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0eb515bbd9d2aafe43bd231d05fd4df4081ddc5623d3df89a3fe39fbfe04a47
d1b6fc7f60802accd7f3de1a869f4f2dc570e98e119561cc9fcaa11ec7b6fe14
d618c8c93268762da273370c7b2da4783a811b26d1f1ad9f3970445e5c153405
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d9dd9b75c5ea59734b6971b9a26a7be846d9b72481e0314ec304fe58706a20
ebc88bc6d341557e68f8428d4a4cfd0e221dbca96be9bd6344c822783ef02c20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef959b8e4d82790e3685290de1a023273299cb5cb5ba2b960aec21f2ab7d51ad
fc36d0d674bed07144b265bd01032efa79d9dfa6fb49fd2cd54634af76ffdff9
fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2

rustygriswold.ca Open in urlscan Pro 104.16.205.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

12 IPs

2 Countries

1012 kBTransfer

2580 kBSize

6 Cookies

2 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rustygriswold.ca Open in urlscan Pro
104.16.205.47 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

12
IPs

2
Countries

1012 kB
Transfer

2580 kB
Size

6
Cookies

50 HTTP transactions
1 data transactions