rustygriswold.ca Open in urlscan Pro
104.18.153.16 Public Scan

yul02s05-in-f14.1e100.net

Software

cafe /

Resource Hash

f0f82caebbf8881c9800821e6012d1ceee6a7ff732a2ae0dc7ed34c57eb5ab2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Origin: https://rustygriswold.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52770
x-xss-protection: 0
server: cafe
etag: 1995321888045798889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 15:15:29 GMT

GET
H2 200 TransparentLogo.png.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 50 KB
50 KB 45ms
44ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo.png.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321ccc756dc8930f4f8e1549ec7229584fe0e6eab18a6e86562c63ccb7c0034b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8421
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 50882
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:37:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1cd6b2839ef-YYZ
expires: Tue, 13 Feb 2024 18:35:27 GMT

GET
H3 200 wpo-minify-footer-aaa52b81.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/ 128 KB
37 KB 86ms
86ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/wpo-minify-footer-aaa52b81.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d083c7d1d7fb535580781dbedfe692cee826121fc9f814dd014e0f411f29f51f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 18:37:00 GMT
server: cloudflare
age: 70372
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8367e1cdebdf3705-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 18:37:01 GMT

GET
H3 200 wpo-minify-footer-f2541915.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/ 70 KB
22 KB 42ms
41ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/wpo-minify-footer-f2541915.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1c6fe01371f9d5c85c5f252b237d7f1ab79c3628c535fff805128164b04183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 06:38:55 GMT
server: cloudflare
age: 70372
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8367e1cdebe03705-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 18:37:01 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 TransparentLogo-Copy-1-1024x318.png.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 33 KB
33 KB 55ms
55ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo-Copy-1-1024x318.png.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72184
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 33460
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 17:16:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1ce3c643705-YYZ
expires: Tue, 13 Feb 2024 18:42:16 GMT

GET
H3 206 RustyVidtoGif.mp4
rustygriswold.ca/wp-content/uploads/2023/12/ 10 MB
0 42ms
41ms Media
video/mp4 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/12/RustyVidtoGif.mp4

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rustygriswold.ca/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:34:51 GMT
server: cloudflare
age: 72257
vary: Accept-Encoding
x-nginx-cache-status: MISS
content-type: video/mp4
Content-Range: bytes 0-14098663/14098664
cf-ray: 8367e1ce4c8d3705-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 14098664
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 142.a82e9a0b5fa92b17936a.js Show response
rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 1179ms
1178ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/themes/blocksy/static/bundle/142.a82e9a0b5fa92b17936a.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/wpo-minify-footer-aaa52b81.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2214bca26879d2f398733af0dc66443739d4724a0f85ac3b6b3ac7096ce80f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 18:32:28 GMT
server: cloudflare
age: 72981
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8367e1ce9d273705-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 18:35:27 GMT

GET
H3 200 chch-150x150.png.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 6 KB
6 KB 1152ms
1151ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/chch-150x150.png.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72221
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5638
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1cecd663705-YYZ
expires: Tue, 13 Feb 2024 18:44:40 GMT

GET
H3 200 output-onlinejpgtools-2-150x150.png.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 8 KB
8 KB 1153ms
1152ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/output-onlinejpgtools-2-150x150.png.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69528
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8100
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1cecd683705-YYZ
expires: Tue, 13 Feb 2024 18:44:40 GMT

GET
H3 200 ctvtoronto-300x169.png.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 9 KB
9 KB 1154ms
1153ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/ctvtoronto-300x169.png.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72221
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9040
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1cecd6a3705-YYZ
expires: Tue, 13 Feb 2024 18:44:40 GMT

GET
H3 200 BurlingtonToday.com-Logo.jpg.webp
rustygriswold.ca/wp-content/uploads/2023/01/ 7 KB
7 KB 1155ms
1154ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/BurlingtonToday.com-Logo.jpg.webp

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69528
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7054
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8367e1cecd6c3705-YYZ
expires: Tue, 13 Feb 2024 18:44:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 111ms
30ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Dec 2023 14:52:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 16 Dec 2023 16:52:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 66ms
63ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

addc23552f91af76a4985d2531ae6887c4e948d06237a2f0689cb1074e6d826d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89826
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Dec 2023 15:15:29 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 1 KB
856 B 1104ms
1103ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/wpo-minify-footer-aaa52b81.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221bab2e5cfaeca91dab53c40d1ddd63a2c5e6c03113be05170ae5af57acf48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 12:46:03 GMT
server: cloudflare
age: 70372
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8367e1cf3e273705-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 18:37:01 GMT

GET
H3 200 video.fea4f8dfdf17262f23e8.bundle.min.js Show response
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 3 KB
2 KB 1104ms
1104ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/video.fea4f8dfdf17262f23e8.bundle.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1702615470/assets/wpo-minify-footer-aaa52b81.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e7adfd3358c50a53b4de39faace93b286b7b019dc55fb6583b8f16d5960609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 12:46:03 GMT
server: cloudflare
age: 70372
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 8367e1cf3e293705-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 18:44:22 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 174ms
111ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d674e81b448f5330b5064c9f27f55735fc2d4c05899d204d53d4a42153cbc667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 18238752853480811934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 15:15:29 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0085 9 KB
4 KB 119ms
29ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 53416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 00:25:13 GMT
etag: 5585625838579639069
expires: Sat, 30 Dec 2023 00:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 118ms
42ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7TKVW5VVYW&gtm=45je3bt0v873983712&_p=1702739729572&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=187874824.1702739730&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702739729&sct=1&seg=0&dl=https%3A%2F%2Frustygriswold.ca%2F&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=576
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 128ms
51ms Ping
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7TKVW5VVYW&cid=187874824.1702739730&gtm=45je3bt0v873983712&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 134ms
56ms Image
image/gif 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKVW5VVYW&cid=187874824.1702739730&gtm=45je3bt0v873983712&aip=1&dma=0&gcd=11l1l1l1l1&z=2119619661

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 52ms
51ms XHR
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1747867238&t=pageview&_s=1&dl=https%3A%2F%2Frustygriswold.ca%2F&ul=en-us&de=UTF-8&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1703627345&gjid=1170946448&cid=187874824.1702739730&tid=UA-184577474-1&_gid=630154283.1702739730&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=271934257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 419D 141 KB
50 KB 829ms
828ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1702665862&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702739729809&bpp=6&bdt=316&idt=297&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5130218014228&frm=20&pv=2&ga_vid=187874824.1702739730&ga_sid=1702739730&ga_hid=1747867238&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320868%2C95320885&oid=2&pvsid=1396449953748446&tmod=644866740&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e84e1751e6ccb701b01a404458ed23bd33484dc314c265c1b714c160a27f8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 15:15:30 GMT
expires: Sat, 16 Dec 2023 15:15:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 71ms
71ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d74de076d9c90f3d4cdd757799412583d97e8febe411202b5f54de6bfdc01096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56005
x-xss-protection: 0
server: cafe
etag: 12404162226298872930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 15:15:31 GMT

GET
H2 200 ca-pub-5452915446355382 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 153ms
75ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5452915446355382?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d95914882d73b54edf4441f8d423e7a684c637ebf998d0c017aeeb2960be731

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eS-0KEtwOTTRZdpthLL7qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-eS-0KEtwOTTRZdpthLL7qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame AA22 9 KB
4 KB 30ms
30ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 53570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 00:22:41 GMT
etag: 5585625838579639069
expires: Sat, 30 Dec 2023 00:22:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXxcJtVy2-KO6PLM9TdKnWdX5CJyto9yGNQBV7BA8x552-d72OD8ACUiROzdVtSO8AVmnlfLuE9fu80ypVBFGMGD493H9N5UwfUvFg53DHkfQRKEU2FHxssou6k7AIuElEgl9qxXQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 93ms
92ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxcJtVy2-KO6PLM9TdKnWdX5CJyto9yGNQBV7BA8x552-d72OD8ACUiROzdVtSO8AVmnlfLuE9fu80ypVBFGMGD493H9N5UwfUvFg53DHkfQRKEU2FHxssou6k7AIuElEgl9qxXQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzM5NzMxLDI1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5dbccd37d8583f50795ccbc2b59ad9b0b339b32453161897650de22115320e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r-kqnHwk-wkbec46nf8YFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-r-kqnHwk-wkbec46nf8YFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7961 624 B
246 B 66ms
65ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGOagrPkBMAE&v=APEucNUj-fQCAkLi163wW7iAFXuzbJc14yu32CeT79eqcEjO9ep9_f0gxEBnWBi535I8Du_i9s-Oeyl6h1ZY0zCfsnSK6ZCqlQ

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 15:15:31 GMT
expires: Sat, 16 Dec 2023 15:15:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8859 111 KB
39 KB 77ms
22ms Script
text/javascript 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Dec 2023 17:51:39 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8859 7 KB
3 KB 30ms
29ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:27:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8859 24 KB
9 KB 30ms
29ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:00:35 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8859 41 KB
14 KB 123ms
34ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 13:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 13:17:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8859 3 KB
1 KB 135ms
45ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:27:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8859 20 KB
9 KB 120ms
30ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:24:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8859 203 KB
65 KB 170ms
81ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 15:15:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8859 42 B
63 B 61ms
60ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BK3d3q0DcBn4OO7lExD2fH2eByeDic8PYOuJ2d4yaXYirH124QBmgF_GuVvOKTG-7NDLqXnZi_oUsVOhAIL_FLbZrrfEqkuvCvEL25XkjMH3wu9ew

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7961
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1

43 B
774 B

43ms
43ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGOagrPkBMAE&v=APEucNUj-fQCAkLi163wW7iAFXuzbJc14yu32CeT79eqcEjO9ep9_f0gxEBnWBi535I8Du_i9s-Oeyl6h1ZY0zCfsnSK6ZCqlQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ8ZcsVSe5DW7Y%2BghnKQRz6SKPyn3xtPqsvoAoflbc4A6AWCEXrd%2Bs7SUr1Id%2FEZ27jEZ%2F0uxDMQv5T9OHx736Zyd3Zyy83oXWq5GCV71aUoap0jFN%2BtYdMa54%2BKJxZ%2FYo4W6O2Ve2kPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8367e1da39576e06-YUL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7961
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX2-E0ILGgyUO46dN7ltQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1

43 B
740 B

53ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGOagrPkBMAE&v=APEucNUj-fQCAkLi163wW7iAFXuzbJc14yu32CeT79eqcEjO9ep9_f0gxEBnWBi535I8Du_i9s-Oeyl6h1ZY0zCfsnSK6ZCqlQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ6djvp56qPOXuwf%2FUZdxSXWX9nm6Bze0cMilMGIq16FGdDazyfl2X7vkhDSn7%2FOn44PxBuVFJ2PD%2FVSf%2BB%2ByRl54bzBxhEaQG0Cj02gFzmlaeOzqQCNO9GyNbh%2B%2BwBRklFMFwu3YvQ9tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8367e1dafb0f6e06-YUL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0WWWWG3DlEm_jTTu6TfbE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7961
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPj1Z6BJ8j4rhxeli4KiJls&google_cver=1

43 B
840 B

57ms
56ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPj1Z6BJ8j4rhxeli4KiJls&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGOagrPkBMAE&v=APEucNUj-fQCAkLi163wW7iAFXuzbJc14yu32CeT79eqcEjO9ep9_f0gxEBnWBi535I8Du_i9s-Oeyl6h1ZY0zCfsnSK6ZCqlQ

Protocol

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
an-x-request-uuid: 7e9f0a7f-c99a-4536-880a-8d330f566bcf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.80.90; 185.213.80.90; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPj1Z6BJ8j4rhxeli4KiJls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7961
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEyODY4ODIyMjMzMTY2Mzg4NA%3D%3D

170 B
243 B

56ms
56ms

Image
image/png

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEyODY4ODIyMjMzMTY2Mzg4NA%3D%3D

Requested by

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
an-x-request-uuid: 54853089-b4c7-4f76-a561-7fa76d5b1ef7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEyODY4ODIyMjMzMTY2Mzg4NA%3D%3D
x-proxy-origin: 185.213.80.90; 185.213.80.90; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 m.js Show response
ctxtfl.com/scripts/js/ Frame 8859 19 KB
8 KB 151ms
89ms Script
text/javascript 172.64.130.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=4212966839&adv=12410607&buy=30716475&cid=206670877&pid=377789748&ok=ok
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.130.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc5c1f5c3504df1e0c4f86f5a647dbd45d408ada7a5a051326feab10f092a33

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cx-browser-cache-status: SKIP
cx-edge-cache-status: SKIP
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 16 Dec 2023 15:15:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5oDnMMoeloewgTp3gFSlYpptMFvtJeJ0fHk1yOGIBXH41P3sTg%2FnzQ9rg%2Bli8wivSQoV9zSWeTnGThTYP5G70DFqpJE0v5dTrfKQSE85%2FmGeEt5j7KufCOgkIsz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8367e1d9fe0b4286-EWR

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 130 KB
24 KB 69ms
22ms Document
text/html 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f9c682447f70b1b15997f446e37c0c14c9d21232b395af2393ff6a85485462c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 72449
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24270
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 19:08:02 GMT
expires: Sat, 14 Dec 2024 19:08:02 GMT
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8859 0
0 191ms
108ms Fetch
image/gif 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstkOYSnOglyyN4crNS_tXlitMRtTKh3MKbwic25O6RFLkiF-EQyqix9OGoc3zxf3YzYXQOIhq8qqAr3zdPuhrdmfoqs1-6mHncvY4SH6-vIRoct-s3Zdko9rRHtkfuxTNakFc_eUTHUfLYNO-SGIhV4-rVWddGRbJJDCssviitYtsAsc2iuFHVjzHmGE07r_GnOjS8FCeyxN6ay_h4dZ2s-k0uF53fM5Tx9Rms-O9bxLJhv-h1ZdnrWbcn8Gsel2RdZhpV9_ZfmgOyXG6k1RYoJ6RMZ98VA1_q6FrlwOE7t78kzP3kEvThIvk3Q-Xaq_kt7arLfVao-aoGMvoJt8ExwpoMXzTjY6u_pk9S47rYKpT-MxL2sXEKWNosHv_h1GBSiQ7Qe5Eg4-QkteGbWbm9m9rlMM0jZxEOvBCfbes9uNGmZQcxL3w1dSU6oRB4_KFJYbEYuEANDSdrMe4LjRdp53MydLSDMqHu3bIGj_y6J4tob6O8FecnWxvn_TiPxIdqgQipKcYnjbEdC_o2QJ5bTZpGC6B8TBOcfnUQuRwkoeWQJRGIdYo2XpK9ApHRJRSTrvBwA3lLKL_fV03cTfjt9e0inTbzhsje2jZZERpV9Iaala0lD6-ElzSKdR_bfylz8Onm-T5lJqbwK0y18mvW_UynQU-LaFFi-CPrs2QmBpm9l08ekcX8zrx4pb7813HXm3xmCPWmDhAce_UShQmPYYb4qTa-ySlo-FtqquTwRbhPEkPjlzos6AlDEggl3AHmA7W-yWP_sMGyiZyVVJ_QPJPizwnIxfQ2Zp-gTeL0x6htCFe5TV9FtSbKDFWXmtGPmqLueYe6JUZ2wMLmy4XEwCcCUVNvKkB_5_Kjv1qZoitHOa-lv-mDAYV-XqKCN_Cb9iihf8WVlGqLGsKKvFpq-NGEN3-5AxZjWfMjKCjMdfPuz-jCR8A9KFj5DEsN1-3twZ6wpNzP9I6ojIyV0oCfudg3ANDzzlWQpa2TXsbDAcAQaLoiTgMOwD2hexoVUjl2xuqxTY5WsITiDyx5tAu7HoePBpQZHF-jU8vDZMkNaL3OQcJHI4oJ0Km-j8SBtgNxTUdcIv-Edoz_qe-Yh74oMZlvh3gMzM9zlwwyMsupdkUW_9PehIorUd8ypNzQehyl8OS66-8TMEym6EMbeFx5X4zfXgEZ0g9OJULl3qw7cqi95HrtHi7Zm7Yj72tncZelrseY3LTBYS6EvU8qfigcrScE_Pc27NdsdHw39imjoHI-OnezVy_i1FEuL4rtUGcGhBmR8tdchSFFh1GuMZH4YkFI1vZu-nNP8BH_Sk1_uZMjMpYaH5Z_Uj_YFO5aBpI-7u_syxY4IrNuYMnzfRmxZbvh2CBm5Vv7ruC6XI_pQuvLdFNvGM8eM4D2Gy6aXz10q_TtwrY8ZTpQzJfRRfrel7nt3J6rU8ssO-mAZDm6ljQ&sai=AMfl-YRLHcxRgVD3xW6OuMtw0lspZEGYgS30aRQQ72iIyAEvVKz-Q-J-qXxh9YbNiHCxU6GLqZnIIBcHcKkUNtE45elLCJecxYeqbIvbgB8IGQUzHKGzL27BcAEWIwydnnqxH05geAvmphHfFbgrU0KceMhr09VMKD0wREuYe9R8sPxGZnyJme45hZZ5hWKFStVd9aFXqOnCZV_c-B8h9HxsGU5PWcPSao5atzb1HSX3vfVEI6K6iksksaGwNT-daOTWdPRx6jWpSAOJDhTq9O0B-KeMuN-l_GNgfoWLvotkkGb4cHq9IypNb4H88cJDFzcDCAlQtm0DHLOnAL5qfcTLgsOv6gYzfWZqDaQLW60rHVkasS8k2E-7_ajOaTGD6q0QNtamq4Zxfrj2ZZf6ke5gvwLwIwR2P8owf3_CuHpauG_lNfOrwqF5E7nlH3UL8p0ghslye-HoWsvhK3nOTS79dAR0kR9bHzKVK6xn8KejDMo-Ben15O_0uz0YnaiXHphxkFmJy7s&sig=Cg0ArKJSzDAxDMM1y_0cEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=106&cisv=r20231207.49947&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 16 Dec 2023 15:15:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8859 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c5cf126003134b439d18c32417fc35aa14e81a992f15a35cfa3f2f73b2f7be

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 873B 38 KB
13 KB 32ms
30ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 62038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 22:01:33 GMT
expires: Sat, 14 Dec 2024 22:01:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 77C1 32 KB
11 KB 22ms
21ms Script
text/javascript 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Dec 2023 19:32:51 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 873B 39 KB
15 KB 36ms
35ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 04:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 04:50:09 GMT

POST
H2 200 cracq Show response
services.ctxtfl.com// Frame 8859 18 B
289 B 95ms
94ms XHR
text/html 172.64.130.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.ctxtfl.com//cracq
Requested by: Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=4212966839&adv=12410607&buy=30716475&cid=206670877&pid=377789748&ok=ok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.130.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/octet-stream

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTGd5sNDnVxmgYIStKGrA%2FSqyGm%2BhRbgLFmXvuM4eI3Z1cRLfuxg525rTnMrHCzoHTbW7H367pj%2F2efuyRASK7kPmeW1K2t4VtUsk0D0q9C8IWRt8g92OoyrTmDKYS8qF5pxDAaD"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cf-ray: 8367e1dbabf94376-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 cracq
services.ctxtfl.com// Frame 0
0 126ms
60ms Preflight
text/html 172.64.130.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.ctxtfl.com//cracq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.130.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8367e1db4b994376-EWR
content-encoding: br
content-type: text/html
date: Sat, 16 Dec 2023 15:15:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2rfHLr4HPCVi8j7nGX9v6CzujjTalB6Zm4DSKMQzuVda0Iu8ux5Gid7q5DcuKp0bBwmI7SmWUT0DK0N5%2FHjX3Hy3e7nEc9SvekdfGvjtFdgwPl6NyjzE44HZpRKz5fVXT5NxjWS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8859 0
0 95ms
94ms Fetch
image/gif 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstkOYSnOglyyN4crNS_tXlitMRtTKh3MKbwic25O6RFLkiF-EQyqix9OGoc3zxf3YzYXQOIhq8qqAr3zdPuhrdmfoqs1-6mHncvY4SH6-vIRoct-s3Zdko9rRHtkfuxTNakFc_eUTHUfLYNO-SGIhV4-rVWddGRbJJDCssviitYtsAsc2iuFHVjzHmGE07r_GnOjS8FCeyxN6ay_h4dZ2s-k0uF53fM5Tx9Rms-O9bxLJhv-h1ZdnrWbcn8Gsel2RdZhpV9_ZfmgOyXG6k1RYoJ6RMZ98VA1_q6FrlwOE7t78kzP3kEvThIvk3Q-Xaq_kt7arLfVao-aoGMvoJt8ExwpoMXzTjY6u_pk9S47rYKpT-MxL2sXEKWNosHv_h1GBSiQ7Qe5Eg4-QkteGbWbm9m9rlMM0jZxEOvBCfbes9uNGmZQcxL3w1dSU6oRB4_KFJYbEYuEANDSdrMe4LjRdp53MydLSDMqHu3bIGj_y6J4tob6O8FecnWxvn_TiPxIdqgQipKcYnjbEdC_o2QJ5bTZpGC6B8TBOcfnUQuRwkoeWQJRGIdYo2XpK9ApHRJRSTrvBwA3lLKL_fV03cTfjt9e0inTbzhsje2jZZERpV9Iaala0lD6-ElzSKdR_bfylz8Onm-T5lJqbwK0y18mvW_UynQU-LaFFi-CPrs2QmBpm9l08ekcX8zrx4pb7813HXm3xmCPWmDhAce_UShQmPYYb4qTa-ySlo-FtqquTwRbhPEkPjlzos6AlDEggl3AHmA7W-yWP_sMGyiZyVVJ_QPJPizwnIxfQ2Zp-gTeL0x6htCFe5TV9FtSbKDFWXmtGPmqLueYe6JUZ2wMLmy4XEwCcCUVNvKkB_5_Kjv1qZoitHOa-lv-mDAYV-XqKCN_Cb9iihf8WVlGqLGsKKvFpq-NGEN3-5AxZjWfMjKCjMdfPuz-jCR8A9KFj5DEsN1-3twZ6wpNzP9I6ojIyV0oCfudg3ANDzzlWQpa2TXsbDAcAQaLoiTgMOwD2hexoVUjl2xuqxTY5WsITiDyx5tAu7HoePBpQZHF-jU8vDZMkNaL3OQcJHI4oJ0Km-j8SBtgNxTUdcIv-Edoz_qe-Yh74oMZlvh3gMzM9zlwwyMsupdkUW_9PehIorUd8ypNzQehyl8OS66-8TMEym6EMbeFx5X4zfXgEZ0g9OJULl3qw7cqi95HrtHi7Zm7Yj72tncZelrseY3LTBYS6EvU8qfigcrScE_Pc27NdsdHw39imjoHI-OnezVy_i1FEuL4rtUGcGhBmR8tdchSFFh1GuMZH4YkFI1vZu-nNP8BH_Sk1_uZMjMpYaH5Z_Uj_YFO5aBpI-7u_syxY4IrNuYMnzfRmxZbvh2CBm5Vv7ruC6XI_pQuvLdFNvGM8eM4D2Gy6aXz10q_TtwrY8ZTpQzJfRRfrel7nt3J6rU8ssO-mAZDm6ljQ&sai=AMfl-YRLHcxRgVD3xW6OuMtw0lspZEGYgS30aRQQ72iIyAEvVKz-Q-J-qXxh9YbNiHCxU6GLqZnIIBcHcKkUNtE45elLCJecxYeqbIvbgB8IGQUzHKGzL27BcAEWIwydnnqxH05geAvmphHfFbgrU0KceMhr09VMKD0wREuYe9R8sPxGZnyJme45hZZ5hWKFStVd9aFXqOnCZV_c-B8h9HxsGU5PWcPSao5atzb1HSX3vfVEI6K6iksksaGwNT-daOTWdPRx6jWpSAOJDhTq9O0B-KeMuN-l_GNgfoWLvotkkGb4cHq9IypNb4H88cJDFzcDCAlQtm0DHLOnAL5qfcTLgsOv6gYzfWZqDaQLW60rHVkasS8k2E-7_ajOaTGD6q0QNtamq4Zxfrj2ZZf6ke5gvwLwIwR2P8owf3_CuHpauG_lNfOrwqF5E7nlH3UL8p0ghslye-HoWsvhK3nOTS79dAR0kR9bHzKVK6xn8KejDMo-Ben15O_0uz0YnaiXHphxkFmJy7s&sig=Cg0ArKJSzDAxDMM1y_0cEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=320&vt=11&dtpt=210&dett=3&cstd=106&cisv=r20231207.49947&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 texte_enArtboard_1.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 8 KB
3 KB 23ms
22ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/texte_enArtboard_1.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e06a09f5ef22564abb112b5e3b092761e182d441c3fd1068d3833a2154a55ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 19:54:00 GMT
date: Fri, 15 Dec 2023 19:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2555
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 burstdescArtboard_1.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 1 KB
706 B 28ms
23ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/burstdescArtboard_1.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57bd4dfc8d0d6a4f44ff3c9044f828c98d0e4d9be482a2ad114a62194693e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 19:50:51 GMT
date: Fri, 15 Dec 2023 19:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 676
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 prodp2_728x90_FR.png
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 7 KB
7 KB 29ms
25ms Image
image/png 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/prodp2_728x90_FR.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48b36c76cd23d3ce116425a6ac6c78d6374de5b0e9d83e38bb4a687cd0818459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 19:50:51 GMT
date: Fri, 15 Dec 2023 19:50:51 GMT
x-content-type-options: nosniff
age: 69880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7064
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 prixArtboard_1_1.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 2 KB
761 B 33ms
29ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/prixArtboard_1_1.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76742eb58919bbc672435e2b8d07da5a85c23e52e43e615bd32190810901e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 15:10:35 GMT
date: Fri, 15 Dec 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 731
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 burst_prixArtboard_1.png
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 2 KB
2 KB 28ms
24ms Image
image/png 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/burst_prixArtboard_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f274112c779a41a4f8cc09d21ecf6738fdb6c8d9c897f058b6c52824e36369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 13 Dec 2024 23:34:39 GMT
date: Thu, 14 Dec 2023 23:34:39 GMT
x-content-type-options: nosniff
age: 142852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1634
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 legalp2_728x90_EN.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 12 KB
2 KB 39ms
35ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/legalp2_728x90_EN.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1569b4f3bd96f2327542dd26451b01ca84a79bd20c5b75ed349fa2dfbca7afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 07:10:58 GMT
date: Fri, 15 Dec 2023 07:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2166
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ctaf3_728x90_EN.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 4 KB
1 KB 40ms
36ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/ctaf3_728x90_EN.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a32e4ae2fc5409fcaa6decedaf23c06f3976836831d9134a48fd921874510b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 02:37:26 GMT
date: Sat, 16 Dec 2023 02:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1194
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logof3_728x90_EN.svg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 3 KB
2 KB 36ms
33ms Image
image/svg+xml 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/logof3_728x90_EN.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cae4054a459fb9285df5ea712bfcf1ddcc5e53e419ad622d8c4f2e245b1c94dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 13 Dec 2024 17:23:48 GMT
date: Thu, 14 Dec 2023 17:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1640
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 raisins_1.jpg
s0.2mdn.net/sadbundle/5373605582912269415/ Frame 77C1 12 KB
12 KB 32ms
29ms Image
image/jpeg 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5373605582912269415/raisins_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a353cc1add5d079763dc520f189ad8ccd644747b01e2d33f88d97020dfc5073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5373605582912269415/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 22:48:57 GMT
date: Fri, 15 Dec 2023 22:48:57 GMT
x-content-type-options: nosniff
age: 59194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12207
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:53:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
74ms XHR
application/json 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

692b0e61be134de79ee4043db28dd9d8698fc09fdeea82c41efc9dd44663c6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12171
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 873B 0
20 B 63ms
62ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6cYDEr99ZeSrDKPrkPIP64qagA4AAAAAOAHgBAI&bg=!-_il-LfNAAY3kmNgF5I7ADQBe5WfOKawvl6zP-9Z6sZQ9SzM5lDpUjMuglj-SrTAqlT4NO47mayFZxzZsApXT10Dve2XAgAAAGxSAAAAAmgBB5kDOIpX4ZznUIGwmWo5-XWPV6JNmzvtCPTlUqL5B2EPblPvhufXAFdSU1VmtPHR-UeQ929VXuhW_hTAlxwkQCyyYOilNhM3sK6ePpxRkrlw-zf8vh3OgFxttJIOqYkq1kjZQE9JBWhECIv5NdM24Yth6whKg_ENgSrV-F74MLFRyrUEn9F_cwOzzFWvCzvGL0Mu9VuJFDy9EkHvakNsQrvIa6D4t_yMs6YecBVZbUhW0KOJYchob-qGQ_FODbq8ouvrTkHlUPMKCWhM1K1YFYh4anre8Fzh5dkeoyV-BopIFZpZFS0Rzhi6TTZOxMiQC0DV6XJt14RiCSMt0NKN2oo4se7ZWM0CpdB0CCbsE6DBQueygrrfyz0_2XR8GHZDlQZPS3Fl9FXgZSFUEFo_PgtII-hafS2Wor35hMlSer0KXp8bY3_d0GwDEK3x_HJrCBeHpp6GfpBDow73aukWiMfsVrwG4ilCcpa7pYkKmubOZG6MDHxCiZxjvzH_eI4AXTWG5oQoG2Ij6XmhTbLJvBdcCreKP2C7dQcqkC54kDL2GpT0SwUrd8QQ5GO6wjX31tT0X1rsfBZ_UZlm6JHZY4AKlHtou0FrU_gsNSUVEboufzf00ojFZf_JQfsO9QXXzAIwSOJAWU4gq_s2g2Ku0e776G0aryrLvy2uZEKqxdJ3Q4FjCuu0gsFTjIaekf5D0OlmIxTGLWRdqluyzTqibRVhEpBnMc98OvD1FoMlxc9tUvCQ_vzE57jPprSIWOjnLSFgNuvbBUtBoZqwuhbQ0Up-ehXIH41mdf_4wXNNJuhdcv-KOWTkujwT1eWW91knvS13WsWFEP0w52pD4BsYZfbwkeYD4qZfBRt-bhqjoZ5SzQZPQvO5Fyd2r3wWMGTSiSGT_mPMWs6iCdfr-8vOU_ldf3IPbM09RgV_fwDg3woC_XErKrbd5EObv1S6lkRsaPzY6vROAdHcuIeri_qfG_RYYfPP1ojM5cy5HTWSA3GVryOMmPB1NBPQsT1OMqMXszl7st52jZ5T7QKctR0UMIfmWgNndQo88yKhThf54qNHXwFV_lA-nnSx61EMB4CN5-vbEG7ZJCmhPzfY

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 15:15:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A3E1 13 KB
5 KB 32ms
31ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 10466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 12:21:05 GMT
expires: Sun, 15 Dec 2024 12:21:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7511 829 B
1 KB 135ms
58ms Document
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

GSE /

Resource Hash

832e86f8a9466ff406e44e76875d4c93bd3ffcdb553b835f40f04adcb659366f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9i1cWfeCT2XKPIpkEHH3Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9i1cWfeCT2XKPIpkEHH3Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 15:15:32 GMT
expires: Sat, 16 Dec 2023 15:15:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A3E1 39 KB
15 KB 32ms
32ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 04:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 04:50:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A3E1 0
10 B 30ms
29ms Image
text/plain 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AboKSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7511 0
0 91ms
90ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1396449953748446&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 64ms
63ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.288686823649986

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uN_APJkuMUSeuBt7FDcEzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uN_APJkuMUSeuBt7FDcEzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 65ms
64ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.6288044048322499

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3thMOUcv4Q2GyZibPDBHqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-3thMOUcv4Q2GyZibPDBHqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 126ms
61ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GG1j9Yi-QanVgdGIALiJuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GG1j9Yi-QanVgdGIALiJuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
96ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1396449953748446&bg=!9Pel97jNAAY3kmNgF5I7ADQBe5WfOIaord3MVR8yi2nCZjuzmOpv52QyzuEIWz264sYi4Ne6EEcRv2o110Y-zOfp6eADAgAAAF9SAAAAB2gBB5kC5lf9KNXSjC0bsMSqNDjysi-KqZAJY6uWS0Ppmm9r-NvgHYxBhS9F_ojD0Yu9yNVYqMLiUy_wCeI-GmrTjqcz901_Na1RMp4CFSGbRb7rZTi05PLM6Gzln3Ulr6INPYgaiiT6xRJcN_EgJuiPrasuVwY08SmNPLtq46K4h3h5MKo3wxXnz5cITkOE6P4XwWj61fkdhP1foDsaVpGBRqI1egupC_1E3kQ9K6OQjn0x4hT4BkyNtTrs3r_KYS8QZW2oZbFFiHnhHz_GsUZ-qxpCw4y9arGX7OcnUeMWtG9ZhtaRZLBOUerZxVe_1TiB67R3xZwYwqISqQlvPJcentlfulbNOiZ-mwvwch3if7ahiwo56suQ7OoTtO-MygyvaxVLv5a-JHUHW7BzzVhlWuKw8SYuXQ_RwOsCKPNnBTuaqIUNIJnIDE6tYvSkmMondCppNaUepK5gg9tq4zYljqrj_ynsyrepZDmCNDB2WuOU6pJZmCUF_H4SPeY_7FRiBZ6vtDCb-NA9VgB7hseekdpVDSKkXGH425G9vJyp0f2u29BfnpHysiaSaSxIhNiN_XUFbAZZiSDbt9j4mjkq0a6xonh59G2OsrsLQ5IR6Ml3A5ol_7q1zgW8SGKRcEkWIMukxVgqLzjhKBnt4EcRInt8RFWEJIiz9PtnzBFKFFwyASSpalcF7FJXTz6T8I2diBvmhYYU9ANmkF_e71mnr6a0GVN34zgNqeemqj-Qe_8zQ6xsZjTJgQCZrf0SD_TJHWQ-CQXFnZxLz8RvUg1tFSXgJvyZhknQTV_9lEyZtQtBEGSKeaZebvFSHEG07EeznkZCYiB3-kN0jmaY_4Y1xq08OdUe-I-L-qswn8rsC72crH9SgnaRGVRVuVzALzOE29-H0kqvt6JSV_JxIr1jjCf_fyzoSM_HpFmI5bXA89K0W9K3x2_YP1vnA2ojSlz4_x_LWkcAdyU7vZ6qhPF9FCrXiy-DScRey9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8859 42 B
64 B 99ms
98ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBzv-Ivrorj1E9GRY5HZSWaRXi0h8aCJnrnwmoPg--2UdjSALLvWoYpgNhqOthrJMWoSE5Qc3qyQiyuhgO6aO2eSsZaF4r4o_WsLFfaRsE1GZYckyx2DV8q2-CIfVVlN-sbVujbX_ZzMB5f8TYU8NC5Rbu&sai=AMfl-YQB4WIrG6TdhjB2mc0eUt1-iCe2nv-uvtwz5xYada_7_XWgFiTGodwLAKvPXkAe82M7Y1vqyMY4lmdF35cux9bcWjkYflEQZwrtC8Ee2v-c_ku4frOyX8MagpETcHiVMHW9YQeGmCjYoyaJ4xlI&sig=Cg0ArKJSzGwRiHKhi9e0EAE&cid=CAQSTgAvHhf_3wmdcj2xQ_Ode7FlkNPbMVX5yQn4jcodahzmX3Jm7c90YRidj2leBx8JxTPYncdoDLdgY6l0AtlrQcDqYBq7NfYoz5eV6DdG0hgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=497,996,1000,1000,1000&tos=497,499,4,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702739731315&rpt=421&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 15:15:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sponseredlinksros. Show response
fundingchoicesmessages.google.com/f/AGSKWxXMBYfMPLYrrJ1IWopnWsZ6inokVPg9cL34v9xuEl__8dHO9oCjS1DX0Eajv-3fZOem5iVxJ2399v7gHpDIJuvySG6YZyt-CzEtkxmU9V2Yt4W7cDG78Bh5m2UpCLEYNwDre2Ro6KfrrF5jy-Ucbxacol2I2... 54 B
109 B 68ms
60ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMBYfMPLYrrJ1IWopnWsZ6inokVPg9cL34v9xuEl__8dHO9oCjS1DX0Eajv-3fZOem5iVxJ2399v7gHpDIJuvySG6YZyt-CzEtkxmU9V2Yt4W7cDG78Bh5m2UpCLEYNwDre2Ro6KfrrF5jy-Ucbxacol2I2beOowNQoO2BJM5uiwDixvszODCZpAOr/_/mmsAds./adcframe._search/ads.js_ad_frame./sponseredlinksros.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ed41b8d1f368e973bf882b685338ac654f7a5bc39c68fb0525f65327782c933

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MxTatcBtrrP6xH03as_wfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MxTatcBtrrP6xH03as_wfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 40ms
32ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 00:21:23 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UNc7Q_aTLiZKewtHm_4Zgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UNc7Q_aTLiZKewtHm_4Zgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TXuy8kt358d5YArtbt3dNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-TXuy8kt358d5YArtbt3dNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ijKAEE8BUSUxdU1FeBjQxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ijKAEE8BUSUxdU1FeBjQxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3yHlFYxNweSy8oI6HwE9sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-3yHlFYxNweSy8oI6HwE9sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWvk_uQ6Y8HwzVO-OrPys0bA02NJCrp5kV8vyILIR-x7bIG2qmWCPP964wsDH3r40AUQC0tjfX8G49HAEd7fcZ9ZrgJpdPvOotLSFn-iGLqCPNHMjqa8TK74nvi-xw19ZQRrOB_oQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 113ms
113ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWvk_uQ6Y8HwzVO-OrPys0bA02NJCrp5kV8vyILIR-x7bIG2qmWCPP964wsDH3r40AUQC0tjfX8G49HAEd7fcZ9ZrgJpdPvOotLSFn-iGLqCPNHMjqa8TK74nvi-xw19ZQRrOB_oQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzM5NzMzLDExMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc2046044e29e35d0b38eb4de7000c59dbf8b38fabe9863600ade153763db9b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IgYz-lZ-kum1S-b8dvgvQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-IgYz-lZ-kum1S-b8dvgvQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tQ2SDn3xr11LEjEMTn53yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tQ2SDn3xr11LEjEMTn53yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXd-_SfZFplt-Zz0kYD4BUHkdbEsvbNw2kWKWBeaiv4rVDVcJxmtTDUC8cabNmknC1eNa0D1C2BqkeVmq9eQHGDWVnY0L8HBcoutO0uJjYWPkJgliD6CRTPGpmqI5jBIGFkB6NvMQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXd-_SfZFplt-Zz0kYD4BUHkdbEsvbNw2kWKWBeaiv4rVDVcJxmtTDUC8cabNmknC1eNa0D1C2BqkeVmq9eQHGDWVnY0L8HBcoutO0uJjYWPkJgliD6CRTPGpmqI5jBIGFkB6NvMQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzM5NzMzLDIzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbe3501febaa6d16a6b361f2f6f42d128e34f15374b68165a48b0a682221a4c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cBhzVR6g-4upu13-q5S8NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-cBhzVR6g-4upu13-q5S8NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXt7_cJPnXgi4o6fRJS4eDHIHrBWgShihBSOBsNB-DApyPR5ns_PttNVJyIvlNSg3Jb793_oKGGdrTqpTI_xzd9LXckYVKuFPvbO6MVZcz_1Fa_6jlGbhy0vslbDJZWlFskBkaiwA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 72ms
71ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXt7_cJPnXgi4o6fRJS4eDHIHrBWgShihBSOBsNB-DApyPR5ns_PttNVJyIvlNSg3Jb793_oKGGdrTqpTI_xzd9LXckYVKuFPvbO6MVZcz_1Fa_6jlGbhy0vslbDJZWlFskBkaiwA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzM5NzMzLDMyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f75f4c6fb0d6937d74757580f71a0471d21e117df7021e056ebb572d1389cf1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PervsgmZJAzywMJm2zuzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PervsgmZJAzywMJm2zuzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWYuA7m5zum80r0cuQ0x4AYqrRdtwxEvGM05Ef3mtRgaIf93mGKe1viWcOIgjAJ2SCG0RX34Ea7XRaSfzmKLF_GIGGEy4Zq3f7CaiCfXelAi81-CgraaBty3w-9yCmjJpFJ2_1jcQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 62ms
61ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWYuA7m5zum80r0cuQ0x4AYqrRdtwxEvGM05Ef3mtRgaIf93mGKe1viWcOIgjAJ2SCG0RX34Ea7XRaSfzmKLF_GIGGEy4Zq3f7CaiCfXelAi81-CgraaBty3w-9yCmjJpFJ2_1jcQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FFtchi0iJeSX5MDgLe0kXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Dec 2023 15:15:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FFtchi0iJeSX5MDgLe0kXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMlEV6rPWVj4mpzj_r9D3Xv8DCATWECaqRKPmSAwn5N9SDaUdYrXXNq_GFEzeRgQIP-swFR8IsSsu341gUNcSwBFroI87bib6Q-X0yg3LpI6fNebm7TbpvYbsfZeFiWXm-yTI81Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS