www.growsonyou.com Open in urlscan Pro
52.30.137.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Submission: On April 14 via manual (April 14th 2021, 6:02:54 am UTC) from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 9 domains to perform 65 HTTP transactions. The main IP is 52.30.137.112, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.growsonyou.com.
TLS certificate: Issued by Amazon on November 22nd 2020. Valid for: a year.

This is the only time www.growsonyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	52.30.137.112 52.30.137.112	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	13.225.87.31 13.225.87.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	99.84.156.26 99.84.156.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2012	15169 (GOOGLE) (GOOGLE)
1	142.250.185.210 142.250.185.210	15169 (GOOGLE) (GOOGLE)
65	18

12 52.30.137.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com

www.growsonyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.87.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-31.fra2.r.cloudfront.net

media.growsonyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-26.txl52.r.cloudfront.net

cdn.growsonyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.210 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f18.1e100.net

p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	325 KB
17	growsonyou.com www.growsonyou.com media.growsonyou.com cdn.growsonyou.com	343 KB
11	doubleclick.net googleads.g.doubleclick.net	59 KB
5	gstatic.com www.gstatic.com p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com	10 KB
5	google.com 3 redirects www.google.com adservice.google.com	2 KB
3	googletagservices.com www.googletagservices.com	100 KB
2	google-analytics.com ssl.google-analytics.com	18 KB
2	googleadservices.com partner.googleadservices.com	1 KB
1	google.de adservice.google.de	165 B
65	9

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	www.growsonyou.com	www.growsonyou.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.growsonyou.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	media.growsonyou.com	www.growsonyou.com
4	www.google.com	3 redirects www.growsonyou.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com
2	ssl.google-analytics.com	www.growsonyou.com
2	partner.googleadservices.com	www.growsonyou.com pagead2.googlesyndication.com
1	p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com
1	p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdn.growsonyou.com	www.growsonyou.com
1	www.gstatic.com	www.growsonyou.com
65	16

This site contains no links.

Subject Issuer	Validity	Valid
growsonyou.com Amazon	`2020-11-22` - `2021-12-21`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
media.growsonyou.com Amazon	`2021-03-20` - `2022-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Frame ID: A97233BBB4ABA642B989E37E5745EA90
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html
Frame ID: 0BA2BEF32D3D7163DCA72C5A0FF65875
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122
Frame ID: EBC9D607EE8B273298D4D7B19F0F6ABF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=60&slotname=2511726853&adk=2048124966&adf=2433827425&pi=t.ma~as.2511726853&w=468&lmt=1618380152&psa=0&format=468x60&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152167&bpp=4&bdt=243&idt=78&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=386&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=i0EodODgLf&p=https%3A//www.growsonyou.com&dtd=82
Frame ID: FF8F2EA17B58D943A7F20C586DC6859A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69
Frame ID: 8E10E89A0CB0DB7936EEA97A0F220C9E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&adk=1812271804&adf=3025194257&lmt=1618380152&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&ea=0&flash=0&pra=7&wgl=1&dt=1618380152200&bpp=2&bdt=276&idt=58&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60%2C300x250&nras=1&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16384&bc=31&ifi=4&uci=a!4&fsb=1&dtd=63
Frame ID: 0BBF020192F1331DB39E79C2FD82D5EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9412C5CD5522AB4A0FA77939A5352DB9
Requests: 2 HTTP requests in this frame

Frame: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: CAF591F2D091BC8E010862F2CF2AE14D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html
Frame ID: EC33C1EF0B8BAE2B34EF78099A3E0E0F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 56D03195BAD914AE8A124BFDB650674B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Frame ID: DEEEAF00F550615AC0122DEEF7919914
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DD83528CED9BF141C0DE82DE41D46353
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

65
Requests

98 %
HTTPS

67 %
IPv6

9
Domains

16
Subdomains

18
IPs

3
Countries

857 kB
Transfer

1820 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

65 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 34329-singing-bowl-for-beginners Show response
www.growsonyou.com/matthew21paul/blog/ 17 KB
6 KB 212ms
99ms Document
text/html 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 28b5c01ee6e34af08143157dbb198c733700b5f7521ebdc73942c4493e8ad90a

Request headers

:method: GET
:authority: www.growsonyou.com
:scheme: https
:path: /matthew21paul/blog/34329-singing-bowl-for-beginners
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:31 GMT
content-type: text/html; charset=utf-8
server: nginx/1.4.6 (Ubuntu)
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
set-cookie: _session_id=5ca814ef3c2311b835658d7a42ed5f50; path=/; HttpOnly
x-request-id: 3db0b9329626dde2688bf54e42d1ca0f
x-runtime: 0.064300
x-rack-cache: miss
content-encoding: gzip

GET
H2 200 goy_packaged.css
www.growsonyou.com/stylesheets/ 46 KB
12 KB 33ms
32ms Stylesheet
text/css 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 10581629c7defe2555fb65772506b6d57b880a89d176bd4bd7a8610c3e2c6535

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:31 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 06:33:43 GMT
server: nginx/1.4.6 (Ubuntu)
content-type: text/css

GET
H2 200 growsonyou_packaged.js Show response
www.growsonyou.com/javascripts/ 190 KB
58 KB 58ms
56ms Script
application/x-javascript 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.growsonyou.com/javascripts/growsonyou_packaged.js?1617604423
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 6e67878ec75570dd640bc71c9366387db0f5ff7980b47565b8cacd8c51edc881

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:31 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 06:33:43 GMT
server: nginx/1.4.6 (Ubuntu)
content-type: application/x-javascript

GET
H2 200 dynamic_options.js Show response
www.growsonyou.com/account/ 1 KB
872 B 85ms
84ms Script
text/javascript 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.growsonyou.com/account/dynamic_options.js
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5c6e3510d62f041caea857ad980cbe60de7992d1344b6f3e7c99e809fb477093

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.008472
date: Wed, 14 Apr 2021 06:02:31 GMT
content-encoding: gzip
server: nginx/1.4.6 (Ubuntu)
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: must-revalidate, private, max-age=0
x-request-id: 397830d157fc5fb6cf77df352087ba4e
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 google_service.js Show response
partner.googleadservices.com/gampad/ 1 KB
507 B 8ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 373
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 06:23:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48496
x-xss-protection: 0
server: cafe
etag: 14493341862605126176
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 06:02:32 GMT

GET
H2 200 logo.jpg
www.growsonyou.com/images/ 16 KB
16 KB 37ms
34ms Image
image/jpeg 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/logo.jpg?1617604415
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: b2ca7c41894285dbacb87f21f1ecb96f348b6bd41ba168dda5775158d4e64cef

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-3fc0"
content-length: 16320
content-type: image/jpeg

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 00:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
age: 21301
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:07:31 GMT

Redirect headers

date: Wed, 14 Apr 2021 05:40:37 GMT
x-content-type-options: nosniff
server: sffe
age: 1315
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:10:37 GMT

GET
H/1.1 200
OK singing_bowls_for_beginners.png
media.growsonyou.com/photos/user_detail/icon/64371/ 6 KB
6 KB 81ms
19ms Image
image/png 13.225.87.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.growsonyou.com/photos/user_detail/icon/64371/singing_bowls_for_beginners.png
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-31.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14c852b67c32b6ca24b17d2d625e813d0c2e75495502d2b5c9ff32d755a8e8f4

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 10:29:49 GMT
Via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Last-Modified: Tue, 13 Apr 2021 10:04:38 GMT
Server: AmazonS3
Age: 70364
ETag: "2d40c72172567414254c8cd52d269636"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 6066
X-Amz-Cf-Id: zvLCn_pMkKAgWzQ4CyvSdSyXe3UqsEuq_nr0pnc_kWvqC2SPSf9P5g==

GET
H/1.1 200
OK singing_bowls_for_beginners.png
media.growsonyou.com/photos/blog_photo/image/211683/main/ 202 KB
202 KB 523ms
461ms Image
image/png 13.225.87.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.growsonyou.com/photos/blog_photo/image/211683/main/singing_bowls_for_beginners.png
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-31.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b42caa615af5386909edada33feea7ecc250908c8551a1645bfd301cb66f07fb

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 06:02:33 GMT
Via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
Last-Modified: Tue, 13 Apr 2021 10:08:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "b61645424fb15cebadcf999cacc89704"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 206801
X-Amz-Cf-Id: AbaVNNkH_bw4vaOaxa8FTS1kAOx8_h61AJ64LtRMnOL4iMwsZNhAPQ==

GET
H2 200 calendar.gif
www.growsonyou.com/images/icons/pc_de/ 228 B
385 B 36ms
35ms Image
image/gif 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/icons/pc_de/calendar.gif?1617604415
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f32ff382f907e9696962d26fa1e0f84e7363ee178e7a97baf279a5b7b15e5384

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-e4"
content-length: 228
content-type: image/gif

GET
H2 200 smile.gif
www.growsonyou.com/images/icons/pc_de/ 870 B
1 KB 37ms
35ms Image
image/gif 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/icons/pc_de/smile.gif?1617604415
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c2fc43d610ade3d0419ca1a22bb7ad07599cfff4d0cfbfa33f65bb3b464b036c

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-366"
content-length: 870
content-type: image/gif

GET
H/1.1 200
OK apple_blossom2.jpg
media.growsonyou.com/photos/user_detail/icon/59113/ 6 KB
6 KB 480ms
419ms Image
image/jpeg 13.225.87.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.growsonyou.com/photos/user_detail/icon/59113/apple_blossom2.jpg
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-31.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf5004f7e07656242bd0039ec44065bbe56842f532a7e994e1926b2aaf7728c6

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 06:02:33 GMT
Via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
Last-Modified: Thu, 28 Feb 2019 14:21:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "99d78c04601d28c7fb9c108ab36d290a"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5677
X-Amz-Cf-Id: hmFly5NSEUYIZRg1MV48o0XNiUfSvygQZtQxF_fc73x3Q6YElomvYQ==

GET
H/1.1 200
OK RosaNewDawn080607j.jpg
media.growsonyou.com/photos/user_detail/icon/7054/ 13 KB
14 KB 473ms
412ms Image
image/jpeg 13.225.87.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.growsonyou.com/photos/user_detail/icon/7054/RosaNewDawn080607j.jpg
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-31.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16d9c13728e1a0ecdfb31e76ca0eff7c75d6692f3bf526d933e2cbf7beb5b565

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 06:02:33 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Apr 2010 09:10:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "52b3c918553ff8b37998ba61e978b277"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13416
X-Amz-Cf-Id: jI6hFvqEj8hThVLWkvS4K1wJa6TBL46CxYYWjJt0DUwNBLHVyUp_lw==

GET
H2 200 logo_small.jpg
www.growsonyou.com/images/ 14 KB
14 KB 37ms
35ms Image
image/jpeg 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/logo_small.jpg?1617604415
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c0cd7078775732800a90a63ff88b18655f1536b7a5955ea0db96e1e7b49ce0c4

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-37e1"
content-length: 14305
content-type: image/jpeg

GET
H2 200 ipod_touch.css
www.growsonyou.com/stylesheets/screen/new/ 152 B
262 B 38ms
37ms Stylesheet
text/css 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.growsonyou.com/stylesheets/screen/new/ipod_touch.css
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 2ae8b06af3c837e4815cb3927ba796ca43017d7e2280da2f00cd7cd146d449c0

Request headers

Referer: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
content-type: text/css

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1256
date: Wed, 14 Apr 2021 05:41:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 14 Apr 2021 07:41:36 GMT

GET
H2 200 back_colour_1px.jpg
www.growsonyou.com/images/backgrounds/ 4 KB
4 KB 37ms
36ms Image
image/jpeg 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/backgrounds/back_colour_1px.jpg
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 2dd21ff076681767228872caaddf12cb7ea149b6a0b3bf98329bdaf5b9a145c3

Request headers

Referer: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-e3f"
content-length: 3647
content-type: image/jpeg

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 40ms
27ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1045104469&utmhn=www.growsonyou.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Singing%20bowl%20for%20Beginners%20%3A%20Grows%20on%20You&utmhid=1345432172&utmr=-&utmp=%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&utmht=1618380152080&utmac=UA-1346673-1&utmcc=__utma%3D232933064.1372772758.1618380152.1618380152.1618380152.1%3B%2B__utmz%3D232933064.1618380152.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1149787791&utmredir=1&utmu=HAIAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 options_arrow.gif
www.growsonyou.com/images/backgrounds/ 391 B
548 B 32ms
31ms Image
image/gif 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/backgrounds/options_arrow.gif
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: da7689a43e8ec9c363f31f0687b56750c6b1420b05256e71985adff35971bc2a

Request headers

Referer: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-187"
content-length: 391
content-type: image/gif

GET
H2 200 shine.png
www.growsonyou.com/images/buttons/ 164 B
321 B 32ms
31ms Image
image/png 52.30.137.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.growsonyou.com/images/buttons/shine.png
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.137.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-137-112.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 6d6ecfef38ed8f5540801f718a17f42ec13052be9baee28a2b12eecf013a808a

Request headers

Referer: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
last-modified: Mon, 05 Apr 2021 06:33:35 GMT
server: nginx/1.4.6 (Ubuntu)
accept-ranges: bytes
etag: "606aaf3f-a4"
content-length: 164
content-type: image/png

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/ 222 KB
83 KB 66ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9141606424329006&plah=www.growsonyou.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84808
x-xss-protection: 0
server: cafe
etag: 12939789125640300468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 06:02:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/ Frame 0BA2 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210412/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Apr 2021 19:32:04 GMT
expires: Tue, 27 Apr 2021 19:32:04 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 37828
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.growsonyou.com
URL: https://www.growsonyou.com/matthew21paul/blog/34329-singing-bowl-for-beginners

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 244734
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK comment.gif
cdn.growsonyou.com/images/icons/ 365 B
862 B 137ms
47ms Image
image/gif 99.84.156.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.growsonyou.com/images/icons/comment.gif
Requested by: Host: www.growsonyou.com
URL: https://www.growsonyou.com/stylesheets/goy_packaged.css?1617604423
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-26.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ce8a19147e078f70cc6ea8cb503596030659039a5edaa882142686f488aa393

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 07:27:01 GMT
Via: 1.1 b88825ad151091557d336c3519215162.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 27 Nov 2008 14:08:37 GMT
Server: AmazonS3
Age: 5697332
ETag: "f4ecdde1c65672049be6b26fc3dd28ff"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
Content-Length: 365
X-Amz-Cf-Id: 17kPAa29qxbXxTSaRF8SSD9uoXcfDrmDQ1MomsC8SP5LwDZmPTWpRQ==

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
621 B 56ms
42ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.growsonyou.com&callback=_gfp_s_&client=ca-pub-9141606424329006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9141606424329006&plah=www.growsonyou.com&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f214d0f3c444d2f082fa30b1603a0dc4cbbcc1a197300f33d013657def27533f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.growsonyou.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.growsonyou.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBC9 57 KB
22 KB 641ms
640ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74ec00f5783600303439905407df49c9b2e6356d01e34d84960c60b41bc9f9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 06:02:32 GMT
server: cafe
content-length: 22169
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Apr-2021 06:17:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:02:32 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF8F 399 B
273 B 763ms
763ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=60&slotname=2511726853&adk=2048124966&adf=2433827425&pi=t.ma~as.2511726853&w=468&lmt=1618380152&psa=0&format=468x60&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152167&bpp=4&bdt=243&idt=78&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=386&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=i0EodODgLf&p=https%3A//www.growsonyou.com&dtd=82

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1a52b3df43e69908d85e15cbd1f6fc92e6763c75525cc4191d7aacc8a1d9d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9141606424329006&output=html&h=60&slotname=2511726853&adk=2048124966&adf=2433827425&pi=t.ma~as.2511726853&w=468&lmt=1618380152&psa=0&format=468x60&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152167&bpp=4&bdt=243&idt=78&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=386&ady=2135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=i0EodODgLf&p=https%3A//www.growsonyou.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 06:02:33 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Apr-2021 06:17:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:33 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E10 90 KB
32 KB 694ms
693ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a50da34790311c9c2bc4c04476b9f9d1f7b1f3f3bc64daf9aa12cfddf8981ad

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIPw2fCH_e8CFUv-dwod07QIDg&gqi=eIV2YPuZEMTW7_UPkpGZ6AY&layout=/sadbundle/%24csp%253Der3%24/2634604976838620069/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIPw2fCH_e8CFUv-dwod07QIDg&gqi=eIV2YPuZEMTW7_UPkpGZ6AY&layout=/sadbundle/%24csp%253Der3%24/2634604976838620069/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 06:02:32 GMT
server: cafe
content-length: 31889
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Apr-2021 06:17:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:32 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BBF 0
188 B 15ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&adk=1812271804&adf=3025194257&lmt=1618380152&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&ea=0&flash=0&pra=7&wgl=1&dt=1618380152200&bpp=2&bdt=276&idt=58&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60%2C300x250&nras=1&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16384&bc=31&ifi=4&uci=a!4&fsb=1&dtd=63

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9141606424329006&output=html&adk=1812271804&adf=3025194257&lmt=1618380152&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&ea=0&flash=0&pra=7&wgl=1&dt=1618380152200&bpp=2&bdt=276&idt=58&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60%2C300x250&nras=1&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16384&bc=31&ifi=4&uci=a!4&fsb=1&dtd=63
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Apr 2021 06:02:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Apr-2021 06:17:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:32 GMT
cache-control: private

GET
H2 200 1485698306557871717
tpc.googlesyndication.com/simgad/ Frame EBC9 54 KB
54 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1485698306557871717?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm4R66Xhx3BzZxCvKsp6ypJagfuMQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdebb477b902dcfb03ad7912d44587e50e348f0aaeff41b45b411d6502c716b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 18:43:32 GMT
server: sffe
age: 532734
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55633
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame EBC9 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 06:01:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame EBC9 2 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 05:56:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBC9 118 KB
36 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:02:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame EBC9 13 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 05:58:58 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame EBC9 25 KB
10 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 05:23:51 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBC9 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxzLdeIV2YPzPD4-p3gPY07to3u7--F7s64b11wyR98f3gwIQASCXtPYOYJUCoAGHy5TSAsgBAqkCjzmHgK0PtD6oAwHIA8kEqgT3AU_Qj0QoU9_vDtPZKzHT_cHUd5fK82engQnp-mPbbslRmyJDYdN9OGzdd4Ki9zgd4AzZZUJa-Qk6kYXkDkJMT-o8Ovv-AAL-f-hka2ElMMfBst9nwwGEE9Iy5C7rP3d1XD-AcfeZJxM7-oNA8tMeKTOpXorLHtz535fv5_pXS9tPvJzQsCgmdCIakU6TQvocpxeu-bf96Ylq0fqqO8kymB3bjIpjqwQUVvIDuyYHMvEhIRM621sB-aiwN-CmAgudJH75oQgRuYAy5YX4cGitDPcjWdW66P6iMjNSYnTSmQ2WwRlZvEKGvSi51mWfXPXVCWDYvDCUw6fABJSylpDIApIFBAgEGAGSBQQIBRgEoAYCgAfhtOutAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDXsBXSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTE0MTYwNjQyNDMyOTAwNg&sigh=3PkD12iPzIY

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Apr 2021 06:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:02:32 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9412 143 B
216 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=90&slotname=2282767776&adk=506372640&adf=3442017251&pi=t.ma~as.2282767776&w=728&lmt=1618380152&psa=0&format=728x90&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152117&bpp=20&bdt=193&idt=105&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6548322960228&frm=20&pv=2&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gqBnK7GBc5&p=https%3A//www.growsonyou.com&dtd=122

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 14 Apr 2021 05:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CAF5 247 B
789 B 64ms
15ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

5a5555bcf32d73e888a4f28902967b28ddb900e931d2e6c6245e4619aa27ad89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-KDusg6rQyjVUid-CcIXWZA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Wed, 14 Apr 2021 06:02:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9412
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlji-leXsDk-932zfg7-6F-REFCP429GLMDUuA0AhKqOywF1vvnYNNp3YLn8gw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Apr 2021 06:02:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 14-Apr-2021 07:02:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Apr 2021 06:02:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EBC9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2452d532d358fb7a100498923e36625c6b07aa19b3201d5bcf98c47e6b99753

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame 8E10 17 KB
7 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 06:01:20 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 8E10 2 KB
1 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 05:56:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E10 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:02:33 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 8E10 13 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 05:58:58 GMT

GET
H3-Q050 200 iframe.html Show response
p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CAF5 7 KB
3 KB 43ms
28ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

be534572861057da8f93c8a41c3bbe712c1170b6f00be425af984c6152cebdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-U0DUmnf0NrnLu6f--8npoA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2423
date: Wed, 14 Apr 2021 06:02:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 300x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/ Frame EC33 120 KB
53 KB 29ms
22ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7afba7900e949966cdb0829b6ae190da4d79ddab67aaf5cfaefc3ea1c23d27f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2634604976838620069/300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 13 Apr 2021 05:20:30 GMT
expires: Wed, 13 Apr 2022 05:20:30 GMT
last-modified: Tue, 06 Apr 2021 00:41:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 52924
age: 88923
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8E10 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClMbreIV2YIPUEMv83wPT6aJw_5jijGLkrIy9mQ2_4R4QASCXtPYOYJUCoAGbiNGfA8gBCakCASNeW5kQtD6oAwHIA0iqBP4BT9C_RKD2-pbctyIFfpAoxPcaTg7523B4Fm3fqmVWdgeBltSjUXRpGRsy9n1GGmj_tS_Ozpal9hl592U92hP-t47VVr8FTf8akC6qvEBtHSAJGXX-DsaKlt8I6dMEovHFmig2gzYf5UAIaMzftSAWQQNXg5baZsFzSn468s70fzeOO4jGUZt-QWYyV1jBZNo6GAoihovKg9__Wx1haih-PUO6_5gJu47vLjVz3s10Y3Ytru94hyLPjkUVhazkZ2aooG35bP9uhonOQH3HhlvhCNZ5WPLfV7Q3mZb341P7ptb26wUun6aAhE_BFCx9MQQNoN4JQjqfFgT0C5GBltbABMq66JWJA5IFBAgEGAGSBQQIBRgEoAYugAfN965gqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOCcP9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05MTQxNjA2NDI0MzI5MDA2&sigh=GcaNUfzJYmg&template_id=419

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Apr 2021 06:02:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56D0 143 B
169 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlji-leXsDk-932zfg7-6F-REFCP429GLMDUuA0AhKqOywF1vvnYNNp3YLn8gw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9141606424329006&output=html&h=250&slotname=6968241956&adk=2924835187&adf=1580287363&pi=t.ma~as.6968241956&w=300&lmt=1618380152&psa=0&format=300x250&url=https%3A%2F%2Fwww.growsonyou.com%2Fmatthew21paul%2Fblog%2F34329-singing-bowl-for-beginners&flash=0&wgl=1&dt=1618380152186&bpp=11&bdt=262&idt=66&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C468x60&correlator=6548322960228&frm=20&pv=1&ga_vid=1372772758.1618380152&ga_sid=1618380152&ga_hid=1345432172&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=950&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44740079&oid=3&pvsid=1185213210252612&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ex8w59JxUG&p=https%3A//www.growsonyou.com&dtd=69

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 14 Apr 2021 05:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2348
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8E10 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe76f4af7609c0029f5425c7dd8f99e400367e8cbbc573872eb5cd538e77a1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EC33 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 12:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Apr 2021 12:33:27 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EC33 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2634604976838620069/300x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Apr 2021 18:54:37 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56D0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
250 B

41ms
41ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlji-leXsDk-932zfg7-6F-REFCP429GLMDUuA0AhKqOywF1vvnYNNp3YLn8gw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Apr 2021 06:02:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 14-Apr-2021 07:02:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 06:02:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Apr 2021 06:02:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EC33 35 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fc3a40ee88cbb65b7040ea17f7a4d6823bc931c81777b7fd5bfa51cfe00d492

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame DEEE 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:19:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 24186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 23:19:27 GMT

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame EC33 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:19:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 24186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 23:19:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
31ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210412&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9904a9b9f9a3fd2f29ade558d0aba24de96015987e9861f1d92c2081f8eba75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 06:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6520
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 06:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 06:02:33 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DD83 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.growsonyou.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.growsonyou.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 05:47:45 GMT
expires: Thu, 14 Apr 2022 05:47:45 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 888
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame DD83 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:19:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 24186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 23:19:27 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210412&jk=1185213210252612&bg=!eXqlej7NAAb2K53n9is7ACkAdvg8WqC218E9Btapm4Jsq8361I3Ns9J9le_JhB7pkuFTQQKnYKs2sgIAAABpUgAAAAxoAQcKAXZUrauwItSORbwZiWMg8IZNYmuUhxsdb8oqZPEOuB1u0fhwpfFJagfPKRo2C3eZ_BTyVHksNFn5S6LPOlsFT8N307u4gUd3cfhmtpLZpWJRCC5bjDRK0y5dQ-S2s7m5zA_ZhKxKTh8zj7LSicSViy6z-mKlZNdre-c3txvkPzGz3r4WKXMIpiYwX-ZaEe6AmmOJc_mrN1bG2QWEPs6q9Ep1L35ld482qLj2q356o_FRUEfIIAne1c0GsuXOgCm1d9ugDiihvkHKv1FopK_TuHU87hrHJ0YGQENG0FWMcrnlS8UNIoPgucA_8jwgBllOkBoat4xbs72JhH4aCWTAQJJR9mJ01EZv9rFiMNVUWD1Sq_shvpZm3O0NTO0ba4Zu6CtBEUy_ABtNpAsXpnbFli3q8z2tCuMR3KOlkj1CBqKt7E0jeBFe6Z-w_c05zvLKf3sp5ffkty3J4kN_uIwnftAKMMZJ7TkRQc6x_Ubdo-0YFzGigrw7WJkBz_suPsBrayYhxq7yAAfWi0vYlPvBFPAqFVHY7AN5EEYzY0LV476NLkz56xaM65uLyuXdIVAUrO5yG7MVhDGp8BxripPRQpVQQLHoMW2_kna6XFRwegiEK0eKMbYDqh2IJcURIBccKJLGgQ7GkKFeHSxAx5sKElppkzzSUR2NLc5duFrmrDXilJzS3hfvOPSCPboJGfu79-oqaulGNwwv5Hew6KtXGgmaN_Wjz-RLtdlJTQRWyBLSiKtJ0VXIwPIRSu6t81vK0_SUeSe8VpJDZ2j4VtA26EUHlFtsA3bLaL6jjvUwyIGZQqtHlh_YhCWVPoOwcjszaMpzKk__hw0n52bT1JFoRjUaqmTnZSl7AsOFsfsIC42LB3WPxyOZoBRuAwafyfLcNPfFS4tjuWDeYmSKOx2uEgMJRogeJxbEyjWJpbdeexVImp3FKRFCCLYKi73WVz66x4oIjpMw79dJd6Ipg3M_odWEOIjqxmJQucI_LUE1iwRkbmRURdGrUB5LDp3Rpf7DUi9UqqbLi0EieGfzL9tjH6IAI4b-d6DKNaCUd2eoyb2-Xbg7CVgJne583Q0ORx5yayiHnAUDelkfiOouNTZNyUMfUQPyzc3Obm0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.growsonyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBC9 42 B
155 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZdm0pbdc7gkcWmwlQ5_YbiD8vkyxjKUgFZDNgC6VJtoTiPPgCvvKfbA1hD0x1lxLi-wYBIysh-PhWOIWRTLITcPl0MAuVKTsO59xSH8TJ_yU1G8-gHYeIEaCYiA&sai=AMfl-YT-t7ja2jbckznZpbwYtVcmr2VcWqYLt6zfCghSj3u-Z9ITXOUkEWALZE4rxZarX3p5Q1KRp5MES79t&sig=Cg0ArKJSzN4PP33uns80EAE&id=osdim&mcvt=1000&p=3,436,93,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=506372640&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618380152242&dlt=643&rpt=59&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E10 42 B
66 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskgjBGtHtyo9XcMEUZ6mhok68QoL1XIVNZeSbBsoAD4sNnLtFJ2L6NzXAlXjFMD10EMkPmf_hk4gCpDBTC2FcxWUZrMzXq7nMlqDJ1qsel_zMBVFyE0tp_jgdx0A&sai=AMfl-YRVCw8p5LY-4owxn3lMv5CVVMeXqs4diDA4cCpmO8l2senQ8n2suV6Q8z_PnapCwgN1GuXju6z0svIz&sig=Cg0ArKJSzCcOxkWLn12sEAE&id=osdim&mcvt=1000&p=277,950,527,1250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2924835187&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618380152256&dlt=730&rpt=40&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame CAF5 35 B
410 B 64ms
13ms Image
image/gif 2a00:1450:4001:82b::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame CAF5 35 B
410 B 69ms
15ms Image
image/gif 142.250.185.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.210 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 06:02:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:33:03	Name: DSID Value: NO_DATA
.growsonyou.com/	1970-01-20 02:54:36	Name: __gads Value: ID=c6a06edca07c86a2-220c2a548ca7002a:T=1618380152:RT=1618380152:S=ALNI_MZ1Yzj_JvPmR2vfMKXer60fbU-HWw
.growsonyou.com/	1970-01-19 17:33:01	Name: __utmb Value: 232933064.1.10.1618380152
.growsonyou.com/	1970-01-20 11:04:12	Name: __utma Value: 232933064.1372772758.1618380152.1618380152.1618380152.1
.growsonyou.com/	1970-01-19 17:33:00	Name: __utmt Value: 1
.doubleclick.net/	1970-01-19 17:33:01	Name: test_cookie Value: CheckForPermission
.growsonyou.com/	1970-01-19 21:55:48	Name: __utmz Value: 232933064.1618380152.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.growsonyou.com/	1969-12-31 23:59:59	Name: __utmc Value: 232933064
.doubleclick.net/	1970-01-20 02:54:36	Name: IDE Value: AHWqTUlji-leXsDk-932zfg7-6F-REFCP429GLMDUuA0AhKqOywF1vvnYNNp3YLn8gw
www.growsonyou.com/	1969-12-31 23:59:59	Name: _session_id Value: 5ca814ef3c2311b835658d7a42ed5f50

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.growsonyou.com
googleads.g.doubleclick.net
media.growsonyou.com
p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i1-v6exp3.ds.metric.gstatic.com
p4-cbh4wg4maanni-q4sfwelyksyebm47-747334-i2-v6exp3.v4.metric.gstatic.com
p4-cbh4wg4maanni-q4sfwelyksyebm47-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.growsonyou.com
www.gstatic.com
13.225.87.31
142.250.185.210
142.250.185.66
142.250.185.99
2a00:1450:4001:800::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2012
52.30.137.112
99.84.156.26
10581629c7defe2555fb65772506b6d57b880a89d176bd4bd7a8610c3e2c6535
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14c852b67c32b6ca24b17d2d625e813d0c2e75495502d2b5c9ff32d755a8e8f4
16d9c13728e1a0ecdfb31e76ca0eff7c75d6692f3bf526d933e2cbf7beb5b565
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
28b5c01ee6e34af08143157dbb198c733700b5f7521ebdc73942c4493e8ad90a
2ae8b06af3c837e4815cb3927ba796ca43017d7e2280da2f00cd7cd146d449c0
2dd21ff076681767228872caaddf12cb7ea149b6a0b3bf98329bdaf5b9a145c3
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
5a5555bcf32d73e888a4f28902967b28ddb900e931d2e6c6245e4619aa27ad89
5c6e3510d62f041caea857ad980cbe60de7992d1344b6f3e7c99e809fb477093
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b
6d6ecfef38ed8f5540801f718a17f42ec13052be9baee28a2b12eecf013a808a
6e67878ec75570dd640bc71c9366387db0f5ff7980b47565b8cacd8c51edc881
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79
74ec00f5783600303439905407df49c9b2e6356d01e34d84960c60b41bc9f9e1
7afba7900e949966cdb0829b6ae190da4d79ddab67aaf5cfaefc3ea1c23d27f3
7ce8a19147e078f70cc6ea8cb503596030659039a5edaa882142686f488aa393
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a50da34790311c9c2bc4c04476b9f9d1f7b1f3f3bc64daf9aa12cfddf8981ad
8fc3a40ee88cbb65b7040ea17f7a4d6823bc931c81777b7fd5bfa51cfe00d492
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
9904a9b9f9a3fd2f29ade558d0aba24de96015987e9861f1d92c2081f8eba75c
9fe76f4af7609c0029f5425c7dd8f99e400367e8cbbc573872eb5cd538e77a1b
a1a52b3df43e69908d85e15cbd1f6fc92e6763c75525cc4191d7aacc8a1d9d6c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
b2ca7c41894285dbacb87f21f1ecb96f348b6bd41ba168dda5775158d4e64cef
b42caa615af5386909edada33feea7ecc250908c8551a1645bfd301cb66f07fb
bdebb477b902dcfb03ad7912d44587e50e348f0aaeff41b45b411d6502c716b3
be534572861057da8f93c8a41c3bbe712c1170b6f00be425af984c6152cebdc2
c0cd7078775732800a90a63ff88b18655f1536b7a5955ea0db96e1e7b49ce0c4
c2fc43d610ade3d0419ca1a22bb7ad07599cfff4d0cfbfa33f65bb3b464b036c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b
cf5004f7e07656242bd0039ec44065bbe56842f532a7e994e1926b2aaf7728c6
d2452d532d358fb7a100498923e36625c6b07aa19b3201d5bcf98c47e6b99753
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
da7689a43e8ec9c363f31f0687b56750c6b1420b05256e71985adff35971bc2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f214d0f3c444d2f082fa30b1603a0dc4cbbcc1a197300f33d013657def27533f
f32ff382f907e9696962d26fa1e0f84e7363ee178e7a97baf279a5b7b15e5384

www.growsonyou.com Open in urlscan Pro 52.30.137.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

67 %IPv6

9 Domains

16 Subdomains

18 IPs

3 Countries

857 kBTransfer

1820 kBSize

10 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.growsonyou.com Open in urlscan Pro
52.30.137.112 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

67 %
IPv6

9
Domains

16
Subdomains

18
IPs

3
Countries

857 kB
Transfer

1820 kB
Size

10
Cookies

65 HTTP transactions
3 data transactions