www.pdxmonthly.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gmail.vuelosbaratosestambul.com/
Effective URL:
https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Submission: On November 16 via automatic, source certstream-suspicious (November 16th 2024, 1:28:36 pm UTC) — Scanned from GB

Summary HTTP 62 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pdxmonthly.com.
TLS certificate: Issued by E6 on October 27th 2024. Valid for: 3 months.

This is the only time www.pdxmonthly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.53.177.72 185.53.177.72	61969 (TEAMINTER...) (TEAMINTERNET-AS Team Internet AG)
1	2600:9000:211... 2600:9000:211e:5000:1d:4618:5c80:21	16509 (AMAZON-02) (AMAZON-02)
1 2	44.218.142.108 44.218.142.108	14618 (AMAZON-AES) (AMAZON-AES)
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.201.250.36 23.201.250.36	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2606:4700::68... 2606:4700::6812:1fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:480... 2a02:26f0:480:587::523	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4017:800::2003	15169 (GOOGLE) (GOOGLE)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
62	18

4 185.53.177.72 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)

gmail.vuelosbaratosestambul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5000:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.218.142.108 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-142-108.compute-1.amazonaws.com

shant-bqd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pdxmonthly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.250.36 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-250-36.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:1fea (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:587::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4017:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pdxmonthly.com www.pdxmonthly.com	637 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173	153 KB
10	termly.io app.termly.io — Cisco Umbrella Rank: 13897	177 KB
5	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2559	250 KB
4	vuelosbaratosestambul.com gmail.vuelosbaratosestambul.com	3 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	210 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 265	1 KB
2	gstatic.com csi.gstatic.com	589 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	219 KB
2	shant-bqd.com 1 redirects shant-bqd.com — Cisco Umbrella Rank: 379195	4 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 623	33 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 9685	447 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
62	15

	Domain	Requested by
14	www.pdxmonthly.com	shant-bqd.com www.pdxmonthly.com
10	pagead2.googlesyndication.com	www.pdxmonthly.com gmail.vuelosbaratosestambul.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
10	app.termly.io	www.pdxmonthly.com
5	res.cloudinary.com	www.pdxmonthly.com
4	gmail.vuelosbaratosestambul.com	d38psrni17bvxu.cloudfront.net gmail.vuelosbaratosestambul.com
3	securepubads.g.doubleclick.net	www.pdxmonthly.com gmail.vuelosbaratosestambul.com
2	ep2.adtrafficquality.google	www.pdxmonthly.com
2	bam.nr-data.net	www.pdxmonthly.com
2	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.googletagmanager.com	www.pdxmonthly.com
2	shant-bqd.com	1 redirects gmail.vuelosbaratosestambul.com
1	ep1.adtrafficquality.google	www.pdxmonthly.com
1	js-agent.newrelic.com	www.pdxmonthly.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.pdxmonthly.com
1	dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com	www.pdxmonthly.com
1	cloud.typography.com	1 redirects
1	d38psrni17bvxu.cloudfront.net	gmail.vuelosbaratosestambul.com
62	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
www.pinterest.com
www.linkedin.com
about.pdxmonthly.com
por.pcdfusion.com
portlandmagazine.secure.darwin.cx
www.seattlemet.com
www.houstoniamag.com
www.aspensojo.com
www.vailmag.com
www.parkcitymag.com
sagacitymedia.com
gotogummies.com
www.ncbi.nlm.nih.gov
www.sarasotamagazine.com
safetyculture.com
worldstarhiphop.com
pubmed.ncbi.nlm.nih.gov
www.sciencedirect.com
www.dea.gov
www.sagacitymedia.com

Subject Issuer	Validity	Valid
gmail.vuelosbaratosestambul.com R11	`2024-11-16` - `2025-02-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
shant-bqd.com Amazon RSA 2048 M03	`2024-11-12` - `2025-12-11`	a year	crt.sh
pdxmonthly.com E6	`2024-10-27` - `2025-01-25`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-06-28`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Frame ID: 7042777B8304913E770B411EE28A0CC3
Requests: 53 HTTP requests in this frame

Frame: https://dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC5A62D2A7768BD925EA36A569432FEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstDMGHbw6mQQ0u-4ETMB_PyTi9r4N318VTLoqSn9Wi3B9_db0VV_SWLmkn2KlqwPM1oYrVDblqYkGN1bp3cLI9XH_Ajn3FXKLr-QURjvW5ZSdYsMSji7lua3MrIbT_biP5336rj5-pbd5Wf_TqJFO7q2OKeib4h9HL2PBxfE6y_kGX6LJzIB79EGLfCBuytlg_7KpGu76SKyTnkEtouvSyDgfgU8ZjrQu2OH__BDT3C-NsBluVboxyO2iZ65brtV62kl9J-L1Oc_oX3PZE0fbGUYeYXbSg6x61naPnnwualAUDyIR3H4UgT76m1U0HElgNlGmVMQxTr1aMrDmo4uC571CkLfsY5accSbePYV0ggjCzQ8VU0eATfykuHR506ODDgmdCs2fqOww&sig=Cg0ArKJSzKcT2Kcp2bJxEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5A19B9E3BBF996D78EBDC9664AB1BA8E
Requests: 11 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 19CF60E95C893025A37BD3A4BC5263D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Amanita Muscaria Gummies of 2024: Top 4 Amanita Gummies You Can Buy Online | Portland Monthly

Page URL History Show full URLs

https://gmail.vuelosbaratosestambul.com/ Page URL
https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f... Page URL
https://shant-bqd.com/zclkredirect?visitid=a98dc775-a41e-11ef-bd49-0affd42622dd&type=js&browserWid... HTTP 302
https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummie... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

62
Requests

97 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1845 kB
Transfer

4493 kB
Size

3
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portlandmonthly
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/PoMoMagazine
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/pomomagazine
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/portlandmonthly
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/portland-monthly
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://about.pdxmonthly.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://por.pcdfusion.com/pcd/Order?iKey=I**HPG
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://por.pcdfusion.com/pcd/CustomerSupport/App/132
Title: Renew Subscription

Search URL Search Domain Scan URL

URL: https://portlandmagazine.secure.darwin.cx/I3YCARTP
Title: Purchase Back Issues

Search URL Search Domain Scan URL

URL: https://www.seattlemet.com/
Title: Seattle Met

Search URL Search Domain Scan URL

URL: https://www.houstoniamag.com/
Title: Houstonia

Search URL Search Domain Scan URL

URL: https://www.aspensojo.com/
Title: Aspen Sojourner

Search URL Search Domain Scan URL

URL: https://www.vailmag.com/
Title: Vail-Beaver Creek Magazine

Search URL Search Domain Scan URL

URL: https://www.parkcitymag.com/
Title: Park City Magazine

Search URL Search Domain Scan URL

URL: https://sagacitymedia.com/

Search URL Search Domain Scan URL

URL: https://gotogummies.com/koicb-2370-1
Title: Koi MusciMind Gummies

Search URL Search Domain Scan URL

URL: https://gotogummies.com/diets-2370-2
Title: Diet Smoke Blue Boomers

Search URL Search Domain Scan URL

URL: https://gotogummies.com/exhal-2370-3
Title: Exhale Amanita muscaria Mushroom Gummies

Search URL Search Domain Scan URL

URL: https://gotogummies.com/cheef-2370-4
Title: Cheef Botanicals Amanita muscaria Gummies

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4614567/
Title: reduce pain caused by inflammation

Search URL Search Domain Scan URL

URL: https://www.sarasotamagazine.com/sponsored/2024/03/best-amanita-muscaria-gummies
Title: Amanita muscaria gummies

Search URL Search Domain Scan URL

URL: https://safetyculture.com/topics/certificate-of-analysis/
Title: Certificates of Analysis

Search URL Search Domain Scan URL

URL: https://worldstarhiphop.com/whatsgood/best-amanita-muscaria-gummies/
Title: best Amanita muscaria gummies

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/37112610/
Title: existing evidence indicates

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/35856422/
Title: may help reduce inflammation

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/34124286/
Title: alleviate anxiety

Search URL Search Domain Scan URL

URL: https://www.sciencedirect.com/science/article/abs/pii/S0367326X23001958
Title: mood-enhancing properties

Search URL Search Domain Scan URL

URL: https://www.dea.gov/drug-information/csa
Title: Controlled Substances Act

Search URL Search Domain Scan URL

URL: https://www.sagacitymedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gmail.vuelosbaratosestambul.com/ Page URL
https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b494bce0-9245-11ef-a9a7-0affcf01680d Page URL
https://shant-bqd.com/zclkredirect?visitid=a98dc775-a41e-11ef-bd49-0affd42622dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B00%3A00&timezoneName=Europe%2FLondon HTTP 302
https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://cloud.typography.com/6681174/719008/css/fonts.css HTTP 302
https://www.pdxmonthly.com/fonts/864181/EE677378A2CD5E093.css

62 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gmail.vuelosbaratosestambul.com/ 2 KB
2 KB 3118ms
422ms Document
text/html 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmail.vuelosbaratosestambul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy nginx /
Resource Hash: 13908fcaff3f0a96ca56be965c144593b97c78bb2c24918054eeab82bea877ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 13:28:27 GMT
server: Caddy nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_c2wYUkfklwwiDpkI93xQNttjc7yCHrzKkGvjgUdDvTtBRxfy+eWFzWXtX7GilGxY6eSZGsjTdGVSzEa6WxkXzg==
x-buckets: bucket011,bucket088,bucket077
x-domain: vuelosbaratosestambul.com
x-language: english
x-pcrew-blocked-reason
x-pcrew-ip-organization: British Telecommunications PLC
x-redirect: zeropark_zeroclick
x-subdomain: gmail
x-template: tpl_CleanPeppermintBlack_twoclick

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 238ms
60ms Script
application/javascript 2600:9000:211e:5000:1d:4618:5c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: gmail.vuelosbaratosestambul.com
URL: https://gmail.vuelosbaratosestambul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5000:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gmail.vuelosbaratosestambul.com/

Response headers

etag: "65fc1e7b-448"
age: 42889
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1096
x-amz-cf-id: s7rSjL4rfMfeSE92tUm2BexCxlY_0k9267cqeOiSQZS3oZAnNtcZeA==
date: Sat, 16 Nov 2024 01:33:38 GMT
content-type: application/javascript
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: FRA56-C2

GET
H2 200 track.php Show response
gmail.vuelosbaratosestambul.com/ 0
92 B 53ms
53ms XHR
text/html 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmail.vuelosbaratosestambul.com/track.php?domain=vuelosbaratosestambul.com&toggle=browserjs&uid=MTczMTc2MzcwNy4wODEzOjgyMWM2ZWFlMmE4MWNjMWRhNjcwYjU4OTU0ZWU3ODdjYTI4NTk2Nzg5N2YzODNkODE2MWM0Y2E5NTUzZjI0NDM6NjczODlkZmIxM2Q3NQ%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width: 1600
ect: 4g
Referer: https://gmail.vuelosbaratosestambul.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: browserjs
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 201 ls.php
gmail.vuelosbaratosestambul.com/ 16 B
368 B 52ms
52ms XHR
text/javascript 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmail.vuelosbaratosestambul.com/ls.php?t=67389dfb&token=0c598f837419986e0bc5dcba49e3fd5e452e4a85
Requested by: Host: gmail.vuelosbaratosestambul.com
URL: https://gmail.vuelosbaratosestambul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://gmail.vuelosbaratosestambul.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

access-control-max-age: 86400
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods: POST, OPTIONS
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Uizi6H8I/Xi6HeDqg0rSCibq1wtjVtt+emSAg1kHue32M+FwayRgCuDPBLbksblNvJQXz7GgdnsJvJCk7H6ing==
accept-ch-lifetime: 30
x-log-success: 67389dfb223834ee4c0fb68b
access-control-allow-origin
alt-svc: h3=":8443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:27 GMT
charset: utf-8
content-type: text/javascript;charset=UTF-8
server: Caddy, nginx

GET
H2 200 track.php
gmail.vuelosbaratosestambul.com/ 0
91 B 110ms
110ms XHR
text/html 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmail.vuelosbaratosestambul.com/track.php?click=1e0f95b895464ee8d3bb4b8bd086944d7a120dea&domain=vuelosbaratosestambul.com&uid=MTczMTc2MzcwNy4wODEzOjgyMWM2ZWFlMmE4MWNjMWRhNjcwYjU4OTU0ZWU3ODdjYTI4NTk2Nzg5N2YzODNkODE2MWM0Y2E5NTUzZjI0NDM6NjczODlkZmIxM2Q3NQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA3N3x8fHx8fDY3Mzg5ZGZiMTNkM2Z8fHwxNzMxNzYzNzA3LjQyMDN8NzNkYmI0NWJjM2Y0ZGYyMDUyNDA5ODdkZGQ4ZjU4MzgyYzZlMDRmN3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDBjNTk4ZjgzNzQxOTk4NmUwYmM1ZGNiYTQ5ZTNmZDVlNDUyZTRhODV8MHx8MHwwfHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://gmail.vuelosbaratosestambul.com/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
rtt: 100
downlink: 10

Response headers

x-view-match: true
content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: none
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 200 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d Show response
shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/ 3 KB
3 KB 415ms
104ms Document
text/html 44.218.142.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b494bce0-9245-11ef-a9a7-0affcf01680d

Requested by

Host: gmail.vuelosbaratosestambul.com
URL: https://gmail.vuelosbaratosestambul.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.218.142.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-218-142-108.compute-1.amazonaws.com

Software

Resource Hash

ada2d07836b5d37b5d38620c8a6b956894c82d6737b69c81c8058c4b99b89a7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://gmail.vuelosbaratosestambul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Sat, 16 Nov 2024 13:28:28 GMT

GET
H3

200

Primary Request best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online Show response
www.pdxmonthly.com/advantage/2024/08/
Redirect Chain

https://shant-bqd.com/zclkredirect?visitid=a98dc775-a41e-11ef-bd49-0affd42622dd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

140 KB
46 KB

920ms
813ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Requested by

Host: shant-bqd.com
URL: https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b494bce0-9245-11ef-a9a7-0affcf01680d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.23

Resource Hash

0835ed072f731ec78db5732cc4dd0093c7547eabb7fb1ca69107d4145072c8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b494bce0-9245-11ef-a9a7-0affcf01680d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e37d30c3b2d7738-LHR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 13:28:29 GMT
link: <//cloud.typography.com/6681174/719008/css/fonts.css>; rel=preload; as=style; nopush,</assets/application-e24de00c486fa1dd02ed30ad9517f006118391464a2843f9b88ba863d745a95b.css>; rel=preload; as=style; nopush,<https://app.termly.io/resource-blocker/b08bf188-0818-4262-9444-6a2b5430f19c>; rel=preload; as=script; nopush,</assets/application-2429a543cc6739980229123518ed65af83d49099d1941851b6d21b9db95b8960.js>; rel=preload; as=script; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOvWMVTONe3Y1NMGVR4I9Pl2XuHI%2Fxt4hDCRj1W0VOyAb89eUeFdbCRst4BENrxCtHtWQ4tjfSDuoreraDJF46HOB7YF9NqlZNTZbYDgplHHe9%2BB9%2FlxNjoECAlt5WSXa1%2BL6yWjadMar7e2qYMWnDs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=26362&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4057&recv_bytes=4506&delivery_rate=539&cwnd=12000&unsent_bytes=0&cid=83a6521313879af8&ts=806&x=1" cfExtPri cfHdrFlush;dur=0
status: 200 OK
strict-transport-security: max-age=0
vary: accept-encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.23
x-request-id: c613bbb0-9024-4d66-9efa-c71e56b45d0c
x-runtime: 0.324249
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
date: Sat, 16 Nov 2024 13:28:28 GMT
location: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

GET
H3

200

EE677378A2CD5E093.css
www.pdxmonthly.com/fonts/864181/
Redirect Chain

https://cloud.typography.com/6681174/719008/css/fonts.css
https://www.pdxmonthly.com/fonts/864181/EE677378A2CD5E093.css

295 KB
223 KB

43ms
43ms

Stylesheet
text/css

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/fonts/864181/EE677378A2CD5E093.css

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.23

Resource Hash

907e2445658bbf3a41fadb482380bf32fb8af5f0a03516f5c251b06dfde6e2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"0bd0c097f256a6b9c8b8652bd610422b"
age: 3989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVZMiaagQKuA0glJNWX5Jp80QkR%2BBuAfB%2FhiAjc7OZR4Zbtkztncvic%2BthCbcv4gKdOHwm3B%2BJw7krtajbecEnE5Enl8IoLMmKtNfboPnaMtgDeGSf2HM3aNNVQdWxOhsnDZFu2LB2%2B2epzt8hIQnDI%3D"}],"group":"cf-nel","max_age":604800}
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27994&sent=333&recv=93&lost=0&retrans=0&sent_bytes=352648&recv_bytes=15335&delivery_rate=158762&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=2555&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: text/css
last-modified: Fri, 03 May 2024 15:17:24 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-amz-id-2: FH+IHiSdRICqJ90dtM8MgHoFhyyFV5JjrYddxPorUmX7c8SHgJlWwvmrxpzk+l9Dh+p4tdG8XPgVdWUsDELEoA==
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3HMCTW3Z16RMJ0SN
cf-ray: 8e37d31bd8887738-LHR
x-powered-by: Phusion Passenger(R) 6.0.23
server: cloudflare
x-amz-server-side-encryption: AES256

Redirect headers

Cache-Control: must-revalidate, private
Location: https://www.pdxmonthly.com/fonts/864181/EE677378A2CD5E093.css
ETag: "b97eccbe32df77c914b5f553a721c1cf:1687896633.169487"
Connection: keep-alive
Expires: Sat, 16 November 2024 13:28:30 GMT
X-HCo-pid: 19
Content-Length: 154
Date: Sat, 16 Nov 2024 13:28:31 GMT
Content-Type: text/html
Last-Modified: Tue, 27 Jun 2023 20:10:33 GMT
Server: AkamaiNetStorage

GET
H3 200 application-e24de00c486fa1dd02ed30ad9517f006118391464a2843f9b88ba863d745a95b.css
www.pdxmonthly.com/assets/ 160 KB
29 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/assets/application-e24de00c486fa1dd02ed30ad9517f006118391464a2843f9b88ba863d745a95b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bdd84a2e6be6ea13665b73767a53992763e0b5cffd676669b1c989f2424f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67194129-7212"
age: 149742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4clxmg%2FoGNhi0MeRbjzMIKsIGFomJdUVfKQeHXqQM28WMBCOrf%2BIzZ7iqyFWnEgwhOaePIA3yRIpcP%2Fy5AeMnSh6vI5jQ46ovlFuAU9YQqyGszARytWfc1%2FWIyBB%2B7IiDkvDD2CgHTQUl4AtAEZWSw%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31701&sent=27&recv=19&lost=0&retrans=0&sent_bytes=17559&recv_bytes=6244&delivery_rate=288447&cwnd=16800&unsent_bytes=0&cid=83a6521313879af8&ts=892&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:29 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 18:32:09 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3117a4d7738-LHR
accept-ranges: bytes
content-length: 29202
server: cloudflare

GET
H3 200 b08bf188-0818-4262-9444-6a2b5430f19c Show response
app.termly.io/resource-blocker/ 503 KB
158 KB 187ms
69ms Script
text/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/b08bf188-0818-4262-9444-6a2b5430f19c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e974263e519df56cde7042710c71aedebed69d0a14443f81d7831ec3e2a31677

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: max-age=14400, public
content-encoding: br
etag: W/"details::9c99d2614bdcb351beafb28ab17bb2de||embed::6735271a-7b8c1"
cf-ray: 8e37d3123c03cdbe-LHR
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:29 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 application-2429a543cc6739980229123518ed65af83d49099d1941851b6d21b9db95b8960.js Show response
www.pdxmonthly.com/assets/ 618 KB
193 KB 68ms
68ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/assets/application-2429a543cc6739980229123518ed65af83d49099d1941851b6d21b9db95b8960.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63830acb0d440410efaa51d5a258b4497aec2c60797ec875146d58bf4bce9303

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "6717c715-2ff72"
age: 41070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eC1D%2B9IvW9F3p2pxGn2uomMrcjhI5N7auuAmRBKQQ2YAJO%2FoM2lQy2BukSx7YptaZkxNQ04UKs5c4m2aINOzLcjMP8lWMEfWtPlLDU%2FFWzDdJ7OgS9PWTmVbYZh5ONRY5%2F9HWQjKBYfE7cNXJvT6Ojk%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31701&sent=41&recv=19&lost=0&retrans=0&sent_bytes=34359&recv_bytes=6244&delivery_rate=288447&cwnd=16800&unsent_bytes=0&cid=83a6521313879af8&ts=906&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sat, 16 Nov 2024 13:28:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 15:39:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3117a537738-LHR
accept-ranges: bytes
content-length: 196466
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
33 KB 202ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52fcd5590b64e3fd35e8b7ff9213362555e4986b2bfa112955db4661f31b97a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 580 / 20043 / 31089024 / config-hash: 13223844563403868853
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 13:28:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33485
x-xss-protection: 0
server: cafe

GET
H3 200 runtime-ae2dae2aef61aee45e20.js Show response
www.pdxmonthly.com/packs/js/ 3 KB
2 KB 42ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/packs/js/runtime-ae2dae2aef61aee45e20.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad928b285128061ab57e848c741b189d069d00f2d7cc37c5a40dce3472d0a500

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"671a852a-b80"
age: 2554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J48o7oNSJ%2FPPEULjONpYG895wtpex6aXjkmue%2B2jJBqUfz5123U9ilBkiu2vPDWHbqJvJ%2FkW8B4t62R2LPw5iu1braRiTFghLdjOccrDMI27%2Fw4CFq%2BxgkXwN18f%2Ba8kj9ynIUUzS7qah9ikqrD7lQI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28667&sent=269&recv=81&lost=0&retrans=0&sent_bytes=288956&recv_bytes=11062&delivery_rate=158514&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1789&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:34:34 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d31719ce7738-LHR
server: cloudflare

GET
H3 200 891-9b1be665b2316e8d3aee.js Show response
www.pdxmonthly.com/packs/js/ 44 KB
12 KB 45ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/packs/js/891-9b1be665b2316e8d3aee.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d9075073501e4a040cbdcfee031520757fd405efd9cf44f80acaa901d13e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"671a852a-b070"
age: 369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0hAZu%2BZlewLW0iJIGsta818qeudEvt0H0M07WLb3n0Vi3mkG%2FpuSZ13EJ6hYhlhH1ie4zS%2BQHJb9jqAxL2uuK0ezTWhi%2BJtNoisVIYMtoRx37qP%2Fxb522oL7EqiabqUKCPydiDWexpVyLN0rcih6nw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28775&sent=273&recv=82&lost=0&retrans=0&sent_bytes=291332&recv_bytes=11720&delivery_rate=51804&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1836&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:34:34 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3176a117738-LHR
server: cloudflare

GET
H3 200 559-756d8694147bd1b66260.js Show response
www.pdxmonthly.com/packs/js/ 77 KB
22 KB 43ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/packs/js/559-756d8694147bd1b66260.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50e15bceaf61784485219338013c5d57378b13d8e3c9a75419f386c52c719eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"671a852a-13237"
age: 369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rr3jXJd7iaFCavrHS425CCnnKCkint4Ai57ew2xvLiWvjs3xUp3GO7DhHz6med5wzbH5sr4VLBXRNZKH%2BFREOukJu%2BzMa7Gu8HI9MMFgVN7ZFcBQyoB3TBrbG2z4G7HznUlphhKGxpCPT8%2FmKgnq5PM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28513&sent=286&recv=84&lost=0&retrans=0&sent_bytes=304428&recv_bytes=12422&delivery_rate=320361&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1882&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:34:34 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d317aa647738-LHR
server: cloudflare

GET
H3 200 362-9c75dd4144f597698d51.js Show response
www.pdxmonthly.com/packs/js/ 29 KB
11 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/packs/js/362-9c75dd4144f597698d51.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5313b9b5ac5f506ccf018228df8b893f937e98bf2d7deb7ba4f1cca08ce0a891

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"671a8521-72f0"
age: 3183
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BHRca0P66JkJvvfAkNSnRKoYNsIP0VUSzri0RevUSp4%2F%2BieFIGhUExXPoDOk4b%2Fu6mr3x2BUzj%2B3ojfDmDUU6IrHp4jvBRcT1Z6CfF1aKkNJlIkoOwQCa8lougDVazMDpjb1YmHjT1zk1ozc%2Bv5anw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28333&sent=307&recv=87&lost=0&retrans=0&sent_bytes=327429&recv_bytes=13161&delivery_rate=560341&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1941&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:34:25 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d317fae37738-LHR
server: cloudflare

GET
H3 200 application-404aa351989332d037b3.js Show response
www.pdxmonthly.com/packs/js/ 16 KB
6 KB 43ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/packs/js/application-404aa351989332d037b3.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979412301a67837c51dfa10da9396189a8f207ad2469b4e17bd6181f0a207563

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"671a852a-3ef5"
age: 369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07kau2WWUQw5abU7RpV9zR9O8zcjyUH4ds8NX8LeZ5s8Lq1zGvDICp8tpRpz08q6eoud%2BHZmFzGLg%2FlbCazXWKQ%2F%2FvphH5URBm3W831EIm19lnO0BCvI5mvDLoLyIjVZWz5rm0XMw2%2FkU8ukoJ%2BH02o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28318&sent=318&recv=89&lost=0&retrans=0&sent_bytes=338931&recv_bytes=13861&delivery_rate=229377&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1988&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=Edge
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 17:34:34 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3185b9d7738-LHR
server: cloudflare

GET
H3 200 sagacity-logo-4eb164415b45e75ae875ccc04a66480635877f5bca672b4507453ec64ed04baf.svg
www.pdxmonthly.com/assets/ 1 KB
1 KB 59ms
59ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pdxmonthly.com/assets/sagacity-logo-4eb164415b45e75ae875ccc04a66480635877f5bca672b4507453ec64ed04baf.svg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ba30c20bbfc6d836b87e34c362e3c41efbe4d3adddfd7d7ef03c104a355f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "667ed932-2cb"
age: 4947048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIVeB1kM925dMVG9%2BGa7Zbd5T4G%2F2yuZebKMHcSuqrz6it7qN48jpngKY8Oq48AwEpyLwc65o1Z7YH3xfqkCyHq4KPyTa3MQZirydE9%2FF6%2FfAklj8qCigaDnbZS6g2aiaYuUUkVxR1m%2FdVMKFKF33zg%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27953&sent=266&recv=77&lost=0&retrans=0&sent_bytes=287428&recv_bytes=10274&delivery_rate=1780753&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1087&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:29 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 15:39:30 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3129b9b7738-LHR
accept-ranges: bytes
content-length: 715
server: cloudflare

GET
H3 200 icon-f0ce2a7c2e4cadad34030b5abba56335c93f0ae2da3ad3d8a69db960d2d61cbe.png
www.pdxmonthly.com/assets/portland_monthly/ 2 KB
2 KB 41ms
41ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pdxmonthly.com/assets/portland_monthly/icon-f0ce2a7c2e4cadad34030b5abba56335c93f0ae2da3ad3d8a69db960d2d61cbe.png

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf950787fafdd9bbaeaad3a85d8b9dd715a96ed68343b68adf0f696e64bdcc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

cf-cache-status: HIT
etag: "663506a2-6c5"
age: 7415230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sqyvkQm7NHA9zDUTy4DUVJbBcv4yF%2BT3HdfEJjNaXJhX9HrWd%2B%2FPtXwqrWUNqL6uKnDhHtxJ2MtGB9AvLSQJ5FL2w2jgEwit8MyVtiA2vMyU7JdgGUiLO20YwCNtVoaJRZN2jMd3h5rZQgG7MK0MZs%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27953&sent=259&recv=77&lost=0&retrans=0&sent_bytes=281404&recv_bytes=10274&delivery_rate=1780753&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=1069&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:29 GMT
content-type: image/png
last-modified: Fri, 03 May 2024 15:45:38 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3129ba27738-LHR
accept-ranges: bytes
content-length: 1733
server: cloudflare

GET
H2 200 2370-featured-image_whw8gn.jpg
res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/ 118 KB
119 KB 321ms
88ms Image
image/webp 2a02:26f0:480:587::523
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/2370-featured-image_whw8gn.jpg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

06c9757ac9dbcdbcfd2e65084b0b9d7a763cd54cc43fc3f388fcbf69e74537bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

x-request-id: 1f7d55d4edef60ccb80670ac950b7250
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "43c80c4185df10c9ce8cb5c9f015496f"
x-content-type-options: nosniff
server-timing: cld-akam;dur=13;start=2024-11-16T13:28:30.167Z;desc=miss,rtt;dur=37,content-info;desc="width=1080,height=540,bytes=120720,owidth=1500,oheight=750,obytes=247244,ef=(1,11,13,17,97)",cloudinary;dur=142;start=2024-11-14T06:42:57.086Z
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/webp
content-disposition: inline; filename="2370-featured-image_whw8gn.webp"
vary: Accept,User-Agent,DPR,Sec-CH-DPR
last-modified: Mon, 26 Aug 2024 18:53:47 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 120720
content-dpr: 1
server: Cloudinary

GET
H2 200 1_koi_cbd_nar7gs.jpg
res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/ 37 KB
38 KB 365ms
149ms Image
image/webp 2a02:26f0:480:587::523
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/1_koi_cbd_nar7gs.jpg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

315f1fc61b335de294118acc062ef2540444afb33ecc80ee08582666d4d172c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

x-request-id: 8a5727edc2cda07ad1d72c3ee13d1c3d
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "021adf0b2809226bb9fb5651000c10f3"
x-content-type-options: nosniff
server-timing: cld-akam;dur=21;start=2024-11-16T13:28:30.167Z;desc=hit-near,rtt;dur=37,content-info;desc="width=1080,height=540,bytes=38272,owidth=1500,oheight=750,obytes=113037,ef=(1,11,13,17,97)"
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/webp
content-disposition: inline; filename="1_koi_cbd_nar7gs.webp"
vary: Accept,User-Agent,DPR,Sec-CH-DPR
last-modified: Mon, 26 Aug 2024 18:54:11 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38272
content-dpr: 1
server: Cloudinary

GET
H2 200 2_diet_smoke_gzpb6q.jpg
res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/ 27 KB
27 KB 53ms
53ms Image
image/webp 2a02:26f0:480:587::523
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/2_diet_smoke_gzpb6q.jpg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a598a8068948a33c6d9795d658bfa0d0810379a08c1c6334d7ee5a87849862e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

x-request-id: f1fb884da4b60641293c13a143195ff0
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "d6eed0df2b514664225bbbb4e40a279b"
x-content-type-options: nosniff
server-timing: cld-akam;dur=9;start=2024-11-16T13:28:30.291Z;desc=hit-near,rtt;dur=21,content-info;desc="width=1080,height=540,bytes=27252,owidth=1500,oheight=750,obytes=89621,ef=(1,11,13,17,97)"
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/webp
content-disposition: inline; filename="2_diet_smoke_gzpb6q.webp"
vary: Accept,User-Agent,DPR,Sec-CH-DPR
last-modified: Mon, 26 Aug 2024 18:55:06 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27252
content-dpr: 1
server: Cloudinary

GET
H2 200 3_exhale_wellness_ng0o3c.jpg
res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/ 32 KB
33 KB 55ms
55ms Image
image/webp 2a02:26f0:480:587::523
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/3_exhale_wellness_ng0o3c.jpg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

37e9cd0348eba340ca6258c385e4c591ad796105b8de7ff1aaa382f2dc4dea26

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

x-request-id: 188ac10be47202159f64c32b536c9163
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "23a772b0ff2b9b156d4364cff4241408"
x-content-type-options: nosniff
server-timing: cld-akam;dur=9;start=2024-11-16T13:28:30.826Z;desc=hit-near,rtt;dur=21,content-info;desc="width=1080,height=540,bytes=32686,owidth=1500,oheight=750,obytes=101913,ef=(1,11,13,17,97)"
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/webp
content-disposition: inline; filename="3_exhale_wellness_ng0o3c.webp"
vary: Accept,User-Agent,DPR,Sec-CH-DPR
last-modified: Mon, 26 Aug 2024 18:55:51 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32686
content-dpr: 1
server: Cloudinary

GET
H2 200 4_cheef_botanicals_srbbzi.jpg
res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/ 33 KB
34 KB 63ms
62ms Image
image/webp 2a02:26f0:480:587::523
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/sagacity/image/upload/c_crop,h_750,w_1500,x_0,y_0/c_limit,dpr_auto,f_auto,fl_lossy,q_80,w_1080/4_cheef_botanicals_srbbzi.jpg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

8aae341a298c3d4434562b1183af7b523bcf0913ef743ac0c53f2c77b1ebd4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

x-request-id: 77f9516f2f96810d910083b53986a1e5
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "f02750175df53764378d3ef71ffb4e23"
x-content-type-options: nosniff
server-timing: cld-akam;dur=18;start=2024-11-16T13:28:30.887Z;desc=miss,rtt;dur=21,content-info;desc="width=1080,height=540,bytes=33976,owidth=1500,oheight=750,obytes=104645,ef=(1,11,13,17,97)",cloudinary;dur=46;start=2024-11-15T08:27:37.859Z
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/webp
content-disposition: inline; filename="4_cheef_botanicals_srbbzi.webp"
vary: Accept,User-Agent,DPR,Sec-CH-DPR
last-modified: Mon, 26 Aug 2024 18:56:38 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33976
content-dpr: 1
server: Cloudinary

GET
H3 200 sagacity-logo-f6175bd9a56270636d37326c950f4eaa6c7985d9a171bdd8c31108d397861a30.png
www.pdxmonthly.com/assets/ 6 KB
7 KB 42ms
41ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pdxmonthly.com/assets/sagacity-logo-f6175bd9a56270636d37326c950f4eaa6c7985d9a171bdd8c31108d397861a30.png

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f609e235bb68658dd6e32b71fc6560467cb296aa0343dc6d8d14959ec9009ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

cf-cache-status: HIT
etag: "663506a2-19ce"
age: 7420809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsOlT0gdQfGeclaqxeentyEiYB8Whxflez41geSNwmgm9D5E0kJNTirHAF5CKWFpL2oCuKik0LOugwPQIsi8%2BnHNP%2Bs%2FltjE6NTC39EToAe7%2BhSiNI2CRntKv74s9IhJnnv1l%2Bq7elowE7iPctOBi0k%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28039&sent=325&recv=91&lost=0&retrans=0&sent_bytes=345126&recv_bytes=14666&delivery_rate=128742&cwnd=127200&unsent_bytes=0&cid=83a6521313879af8&ts=2172&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:30 GMT
content-type: image/png
last-modified: Fri, 03 May 2024 15:45:38 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d3197d267738-LHR
accept-ranges: bytes
content-length: 6606
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
90 KB 225ms
77ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMKJLRX

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e3ae679257b1479aaf507761802c22783a37a62fe2c5edccaad812d03e681ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 16 Nov 2024 13:28:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91933
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/ 489 KB
152 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js?cb=31089024

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 17605025942849661478
age: 71836
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 17:31:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 15 Nov 2024 17:31:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155155
x-xss-protection: 0
server: cafe

GET
H3 200 icon-sprite-b93936962cffdfc64f8ad8e7b22b7c5aafd15b91b179c51b1b248fd2f01a00e0.svg
www.pdxmonthly.com/assets/ 242 KB
51 KB 42ms
41ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/assets/icon-sprite-b93936962cffdfc64f8ad8e7b22b7c5aafd15b91b179c51b1b248fd2f01a00e0.svg

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6699b96fb4b18f8a928c194a7633e5633eea8beba582de476c5c0ee3be0fc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "663506be-c878"
age: 799617
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z72oXW%2F6BGOcA2PPzXK%2FOAGiP2t%2Bm2xovL%2BZw%2B3v1HeVUh2m03K%2FDmriXdK53CJL35krH7AWTrWoSqOEqgZ6xsk6wlqSE5m%2BVzUIPpkecD1OvkisHBvDM1Hr4H%2B8aEkTBrGrwg%2BDp7hXPzt%2FKWmDTZ4%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29179&sent=532&recv=114&lost=0&retrans=0&sent_bytes=585632&recv_bytes=16997&delivery_rate=2322957&cwnd=235200&unsent_bytes=0&cid=83a6521313879af8&ts=2731&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: image/svg+xml
last-modified: Fri, 03 May 2024 15:46:06 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d31cf9d67738-LHR
accept-ranges: bytes
content-length: 51320
server: cloudflare

OPTIONS
H3 200 statistics
app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/ Frame 0
0 281ms
280ms Preflight 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/statistics

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pdxmonthly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e37d31d986003bb-LHR
content-length: 0
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Sat, 16 Nov 2024 13:28:31 GMT
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 201 statistics Show response
app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/ 3 B
561 B 252ms
252ms XHR
application/json 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/statistics

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pdxmonthly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

access-control-max-age: 600
x-request-id: 6add2c65-556a-4f3b-b25f-b29ba1a5491f
access-control-expose-headers
cf-cache-status: DYNAMIC
etag: W/"43974ed74066b207c30ffd0fed514676"
access-control-allow-methods: POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.052762
strict-transport-security: max-age=15768000; includeSubDomains; preload
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
cf-ray: 8e37d31ec98d03bb-LHR
access-control-allow-origin: *
content-length: 3
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cookies Show response
app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/ 14 KB
3 KB 273ms
272ms XHR
application/json 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/b08bf188-0818-4262-9444-6a2b5430f19c/cookies?lang=en

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a19c9c90c71be41b5964987ee79d1e7e451633c05319a82dc999d354020244

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.pdxmonthly.com/

Response headers

access-control-max-age: 600
x-request-id: 57a18a48-bdc0-4d5d-8774-b6973436e663
access-control-expose-headers
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f5a19c9c90c71be41b5964987ee79d1e"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.028399
strict-transport-security: max-age=15768000; includeSubDomains; preload
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cache-control: public, max-age=14400
x-rack-cors: hit
cf-ray: 8e37d31d986203bb-LHR
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 670b099c0afcafae384298b91c16be944f4180369e9a73cd51631dccc3818544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f8c3bc7ebaac81a342750c32a4d3605fee33737318eb342e4d6e10f5f1146e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4086bc456e621ff51ffdadb062214c6a94f82ab18ad0cc4bb9244c2fe25f66b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87c92ef0458b52d7516ca64ad925afa843324174e2c43af8f8bd123678a3ddc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7498b17f1da010b3fdfd34be08332a53ae8e11b63aa3b4673461260f7b55845

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer

Response headers

Content-Type: application/x-font-woff2

GET
H3 200 922.min.js Show response
app.termly.io/resource-blocker/support/ 481 B
594 B 48ms
48ms Script
application/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/922.min.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01681015815e521e794d23f5d59fbd77f14c0cc7f103459c66629e5082cac75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6735271a-1e1"
age: 3370
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 22:24:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8e37d31e4cddcdbe-LHR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 en.json Show response
app.termly.io/resource-blocker/i18n/ 12 KB
3 KB 44ms
44ms XHR
application/json 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Requested by: Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323bdc4b394aaf7983339dafaddb7c1a0e331ad4f2a94fe3a9f91e7f6912b96e

Request headers

Referer: https://www.pdxmonthly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Csrf-Token: ea2d85a5-d3b4-43cf-bacb-e1b362156315

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6735271a-3098"
age: 369
access-control-allow-methods: GET,OPTIONS
expires: Sat, 16 Nov 2024 17:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 13 Nov 2024 22:24:26 GMT
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=14400
cf-ray: 8e37d31f7a2d03bb-LHR
access-control-allow-origin: *
server: cloudflare

OPTIONS
H3 204 en.json
app.termly.io/resource-blocker/i18n/ Frame 0
0 182ms
163ms Preflight 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: csrf-token
Access-Control-Request-Method: GET
Origin: https://www.pdxmonthly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e37d31e592303bb-LHR
date: Sat, 16 Nov 2024 13:28:31 GMT
server: cloudflare

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
26 KB 213ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b981b475a7bb24086b9b0873f80d26ed024dcabd5664872ea4adddb5feb4dfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 3687360622562395515
age: 2814
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 13:41:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 12:41:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26353
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 54 KB
20 KB 226ms
87ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1342489391366312&correlator=970617466754985&eid=31084402%2C31088950%2C31089024%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202411120102&ptt=17&impl=fifs&iu_parts=1020224%2CPortlandMonthly&enc_prev_ius=%2F0%2F1&prev_iu_szs=3x1%7C970x250&ifi=1&sfv=1-0-40&sc=1&lrm=100&abxe=1&dt=1731763711889&lmt=1731763711&adxs=0&adys=122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.pdxmonthly.com%2Fadvantage%2F2024%2F08%2Fbest-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online&ref=https%3A%2F%2Fshant-bqd.com%2F&rumc=1342489391366312&rume=1&vis=1&psz=1600x671&msz=1600x548&fws=4&ohw=1600&td=1&egid=6277&tan=c4c0456e-ecb5-4a9e-9a45-bef23b94825b&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731763709664&idt=2120&cust_params=channel%3Dadvantage%26slug%3Dbest-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online%26uuid%3Dc58daefd-3753-4acf-9242-62defbfc82c9&adks=1618411688&frm=20&eoidce=1

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95b47dd34505f76640c809e682ebcaed18646cacdfd321dfe291a81c22c30afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
google-lineitem-id: 6819639095
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138494513450
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.pdxmonthly.com
content-length: 20762
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
129 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2S1JRDKV1P&l=dataLayer&cx=c&gtm=45He4bc0v857787253za200

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1f627f4067ec13855348d6c78f3ae30db739411c36acccf57ac7225131a9267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 13:28:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 131589
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 container.html
dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC5A 0
0 220ms
58ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdxmonthly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 13:28:32 GMT
expires: Sat, 16 Nov 2024 13:28:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 717.min.js Show response
app.termly.io/resource-blocker/support/ 16 KB
7 KB 47ms
44ms Script
application/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/717.min.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7b9189671a30cf30a66791c887b4d2af5afa113190d223d0049f822f4e399b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6735271a-3ee0"
age: 3370
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 22:24:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8e37d31fded1cdbe-LHR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 476.min.js Show response
app.termly.io/resource-blocker/support/ 7 KB
3 KB 59ms
58ms Script
application/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/476.min.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668d8d5ed461b617002c02ce837c25500fadba04c4ac7ad8d51e940ab12de531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6735271a-1aa5"
age: 3369
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:28:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 22:24:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8e37d31fded5cdbe-LHR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 18.min.js Show response
app.termly.io/resource-blocker/support/ 7 KB
2 KB 43ms
43ms Script
application/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/18.min.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2310e624b9596807db7f43f3ecbef3105116c2064693c5e2237215b4ca4a5b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6735271a-1c75"
age: 3370
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:28:32 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 22:24:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8e37d3203f7ccdbe-LHR
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 196ms
61ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2S1JRDKV1P&gtm=45je4bc0v872557045z8857787253za200zb857787253&_p=1731763711465&gcs=G100&gcd=13q3q3q3q5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067554~102067808~102077855&gdid=dNzg2MD&cid=2023157986.1731763712&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1731763712&sct=1&seg=0&dl=https%3A%2F%2Fwww.pdxmonthly.com%2Fadvantage%2F2024%2F08%2Fbest-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online&dr=https%3A%2F%2Fshant-bqd.com%2F&dt=Best%20Amanita%20Muscaria%20Gummies%20of%202024%3A%20Top%204%20Amanita%20Gummies%20You%20Can%20Buy%20Online%20%7C%20Portland%20Monthly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.sponsored=true&ep.evergreen=false&ep.channels=advantage&ep.primary_channels=Advantage&ep.parent_channel=Advantage&ep.ecommerce=false&ep.authors=Chris%20Yuscavage&ep.uuid=c58daefd-3753-4acf-9242-62defbfc82c9&ep.publish_at=2024-08-26%2011%3A58%3A44%20-0700&ep.updated_at=2024-08-26%2014%3A13%3A07%20-0700&ep.tags=&tfd=3509
Requested by: Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.pdxmonthly.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5A19 0
0 94ms
88ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstDMGHbw6mQQ0u-4ETMB_PyTi9r4N318VTLoqSn9Wi3B9_db0VV_SWLmkn2KlqwPM1oYrVDblqYkGN1bp3cLI9XH_Ajn3FXKLr-QURjvW5ZSdYsMSji7lua3MrIbT_biP5336rj5-pbd5Wf_TqJFO7q2OKeib4h9HL2PBxfE6y_kGX6LJzIB79EGLfCBuytlg_7KpGu76SKyTnkEtouvSyDgfgU8ZjrQu2OH__BDT3C-NsBluVboxyO2iZ65brtV62kl9J-L1Oc_oX3PZE0fbGUYeYXbSg6x61naPnnwualAUDyIR3H4UgT76m1U0HElgNlGmVMQxTr1aMrDmo4uC571CkLfsY5accSbePYV0ggjCzQ8VU0eATfykuHR506ODDgmdCs2fqOww&sig=Cg0ArKJSzKcT2Kcp2bJxEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: gmail.vuelosbaratosestambul.com
URL: https://gmail.vuelosbaratosestambul.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241112/r20110914/client/ Frame 5A19 3 KB
1 KB 84ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241112/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js?cb=31089024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 15083
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 09:17:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 09:17:09 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5A19 217 KB
67 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js?cb=31089024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7a344f57eb8277ce0c6143e67a8807adc1264f6116796c8268df14c5df4c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 17285670962478883601
age: 1517
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 14:03:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 13:03:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69038
x-xss-protection: 0
server: cafe

GET
H2 200 15765514005784874977
tpc.googlesyndication.com/simgad/ Frame 5A19 37 KB
38 KB 202ms
54ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15765514005784874977

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js?cb=31089024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666e65f73f023e4dbae8cd527ffb3817f36cd0b1aba02576db8183217ecee9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

age: 52681
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 22:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 15 Nov 2024 22:50:31 GMT
last-modified: Fri, 25 Oct 2024 18:45:59 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 38263
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 5A19 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64ce5ab02629e99f998271105d7a8b1c8ba94471ef4dbbb8d1414c6a7f537547

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A19 0
0 70ms
70ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A19 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5A19 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssIHqDCsWDate9R69jFBTDQv0h957Vvb4Y0jbIvZN9RAmyKYW40bmQzoPo0RZMmY9bltpiCC5avChOQAq0Db7rfB2nLMG5xADtsy0xx50YdYxcG_ubYkfoK1Zox0j618y6Fifm8k3U1b0URClbCThYFaZiDJuMSRS34mHd8SBHbHjVdCiQURNwM7IFG88-lbNL4VPmImGEadjdDcqmyLdzHPY1oaK_UNcJjbn4KzdP2v2CIkjIhqIcWVdkzMvmt_OiY3zE0CLRPFB_uTNaLJxyta4S9KmnUNAEYaVNZudxFvKfQUAw5tFebQ4MKzO0ETKNYWvJWRfryNb5Zy9kCNEaHagejlcIgipL5NDRPgfxVJToCc_eX1H7DSZbsVEjuhNVDnm08viE61QfD&sig=Cg0ArKJSzN4R6gJn1E7YEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 nr-spa-1.273.0.min.js Show response
js-agent.newrelic.com/ 112 KB
33 KB 135ms
27ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.273.0.min.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.pdxmonthly.com
Referer: https://www.pdxmonthly.com/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "38ea02666fda0fcf9ad33eca8b7c5b9c"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 33182
date: Sat, 16 Nov 2024 13:28:32 GMT
last-modified: Mon, 11 Nov 2024 18:20:59 GMT
content-type: application/javascript
x-served-by: cache-lcy-eglc8600083-LCY
x-cache-hits: 154649
vary: Accept-Encoding

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 163ms
55ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411120102&st=env

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d9da7af54ee0ef44620d602b314157bd02421719a00ea19881260a4ada92ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12966
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5A19 71 KB
26 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: gmail.vuelosbaratosestambul.com
URL: https://gmail.vuelosbaratosestambul.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b981b475a7bb24086b9b0873f80d26ed024dcabd5664872ea4adddb5feb4dfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: br
etag: 3687360622562395515
age: 2861
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 13:40:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 16 Nov 2024 12:40:51 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26353
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.pdxmonthly.com&doc=complete&pg_h=20538&pg_w=1600&pg_hs=20538&c=1&aa_c=0&av_h=548&av_w=1600&av_a=876800&b=19868&all_b=19868&d=0.027&all_d=0.027&ard=0.027&all_ard=0.027&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 13:28:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 favicon-79484e0ba308bf575ac1e01143aef22f8fbce05e0d858c8febf6e92ebbb9bd6a.ico
www.pdxmonthly.com/assets/portland_monthly/ 44 KB
31 KB 46ms
45ms Other
image/x-icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pdxmonthly.com/assets/portland_monthly/favicon-79484e0ba308bf575ac1e01143aef22f8fbce05e0d858c8febf6e92ebbb9bd6a.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbd261f3513164f9214c8cec44db35e9f1f2c6663573426eb7b130e7647f72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "667ed932-78a1"
age: 7484650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UC90TYH5mVAfM6cU8oFvzG4ziH3yYufv7ctKtJtL6vx9DZtXCi1JxMFPqHN28oxgYOSd1JS%2B3XzilhTG1m9lnK4Or386clmIG7QWZ1pAL7uQQMdDCJkfWnklI0OSC7lRVD1pD092Olc6PUX6WZ9dUTw%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31671&sent=578&recv=121&lost=0&retrans=0&sent_bytes=638876&recv_bytes=18141&delivery_rate=379115&cwnd=235200&unsent_bytes=0&cid=83a6521313879af8&ts=3674&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: image/x-icon
last-modified: Fri, 28 Jun 2024 15:39:30 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=0
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e37d322d9497738-LHR
accept-ranges: bytes
content-length: 30881
server: cloudflare

POST
H2 204 csi
csi.gstatic.com/ Frame 5A19 0
532 B 436ms
169ms Ping
image/gif 2a00:1450:4017:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~m3k7egh1&chm=1&c=1342489391366312&ctx=2&qqid=CIf4ksf64IkDFV-K_QcdG-Ab2w&met.4=fb.8~lb.e~ol.6t~idt.1eu~dt.-82&met.1=1.m3k7eg8j~14.6~15.0~16.6~17.6~18.6~19.6~20.6~21.6~22.19~23.19&met.7=CBsQCDgH~CCcQBBgBIA0oDTBuOGJoFHBmeKwCsAEBuAED~CB4QChgBIA0oDTBpOFxoFnBeeP4LgAHSCYgBghWwAQG4AQM~CBwQChgBIA4oDjBfOFFoFnA7eNqdBIABrpsEiAHtyw2wAQG4AQM~CBcQBhgBIA8oDzDvATjgAUATSCBQIFilAWAnaKUBcNoBeKOtAoAB96oCiAH3qgKwAQG4AQM~CBwQBBgBIH0ofTDEAThHaH5wwgF4rAKwAQG4AQM~CBwQBBgBIKoBKKoBMPQBOEporAFw8gF4rAKwAQG4AQM~CCgQChgBIIACKIACMK8COC9ogQJwqgJ4ndABgAHxzQGIAcO1BLABAbgBAw&met.3=113.8k_4~112.8j_6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H/1.1 200
OK NRJS-5df159e6622835f7639 Show response
bam.nr-data.net/1/ 179 B
723 B 434ms
311ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-5df159e6622835f7639?a=572385084&v=1.273.0&to=cgxeQUcMWVUDQxpCXEIXQxpGC1pO&rst=4021&ck=0&s=ef6d1aace435e84a&ref=https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online&ptid=d1dc1f7a88f079d4&af=err,spa,xhr,stn,ins&ap=321&be=1054&fe=2794&dc=2042&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1731763708578,%22n%22:0,%22f%22:134,%22dn%22:137,%22dne%22:147,%22c%22:147,%22s%22:147,%22ce%22:242,%22rq%22:243,%22rp%22:1054,%22rpe%22:1316,%22di%22:2929,%22ds%22:3050,%22de%22:3096,%22dc%22:3845,%22l%22:3846,%22le%22:3848%7D,%22navigation%22:%7B%7D%7D&fp=3178&fcp=3178
Requested by: Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c46dbbfd1647259ff171497898ae0dd1aca68526dbc42ebb33ba5e877535ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.pdxmonthly.com/

Response headers

Transfer-Encoding: chunked
access-control-expose-headers: Date
timing-allow-origin: https://www.pdxmonthly.com
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
CF-Ray: 8e37d324decfcd18-LHR
Access-Control-Allow-Origin: https://www.pdxmonthly.com
Date: Sat, 16 Nov 2024 13:28:33 GMT
Content-Type: text/plain
Vary: Accept-Encoding
Server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 208ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 13:28:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:32 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 19CF 0
0 193ms
53ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdxmonthly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 13:26:32 GMT
expires: Sat, 16 Nov 2024 14:16:32 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK NRJS-5df159e6622835f7639 Show response
bam.nr-data.net/events/1/ 24 B
406 B 551ms
550ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-5df159e6622835f7639?a=572385084&v=1.273.0&to=cgxeQUcMWVUDQxpCXEIXQxpGC1pO&rst=4475&ck=0&s=ef6d1aace435e84a&ref=https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online&ptid=d1dc1f7a88f079d4
Requested by: Host: www.pdxmonthly.com
URL: https://www.pdxmonthly.com/advantage/2024/08/best-amanita-muscaria-gummies-of-2024-top-4-amanita-gummies-you-can-buy-online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.pdxmonthly.com/

Response headers

CF-Cache-Status: DYNAMIC
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
CF-Ray: 8e37d326a955cd18-LHR
Access-Control-Allow-Origin: https://www.pdxmonthly.com
Content-Length: 24
Date: Sat, 16 Nov 2024 13:28:33 GMT
Content-Type: image/gif
Vary: Accept-Encoding
Server: cloudflare

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A19 42 B
65 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKYoV4MvJ3ekWzifK1mLvMmvxmZL5kpl2IZuZz5P6Ux6np2d2vDiXcYh2r6s1wCjdkKt38HbPIsXsgig6nbl_wYQsXng06nZXREOCCiuxJjesJg7_q2FwGSuJarmCubBrMj3ipztqQX6QvnchGSlTZUibNp2B53aqy7MfzC9DjhO2iuRHalRwKK9Iza7JNXrzU&sig=Cg0ArKJSzN3TwlvOzRKnEAE&id=lidar2&mcvt=1000&p=275,315,525,1285&tm=1095.1999998092651&tu=95&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241113&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1618411688&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2769651200&rst=1731763712179&rpt=240&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 16 Nov 2024 13:28:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ 0
57 B 103ms
101ms Ping
image/gif 2a00:1450:4017:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m3k7eg6i&c=1342489391366312&e=31084402%2C31088950%2C31089024%2C31061691%2C31061692&ctx=1&met.9=1.293~2.2h2~9.0~3_1.2k8~7_1.0~4_1.2r1~5_1.2rz~6_1.2s7&met.10=1_1.CIDCNRCAwjUYgJh1INcZKAE&met.3=112.2pw_6~113.2z8_2&met.1=1.m3k7edgi~6.3q~7.3t~8.43~9.43~10.6r~11.43~12.6r~13.tb~14.10k~15.u6~16.29e~17.2cq~18.2e0~19.2yu~20.2yu~21.2yw~22.2gb~23.2gb&qqid.1=CIf4ksf64IkDFV-K_QcdG-Ab2w
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.pdxmonthly.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 13:28:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411120102&jk=1342489391366312&bg=!bG-lbyDNAAY7_TBtG_07ADQBe5WfONCJFG5PFP-D8HSu6ZoArB9J1v3k9Ci8fkwLpegAaJWr-qnNiCFwKdqmlpe_QtY7AgAAAEBSAAAAA2gBB34ANlveElfL_EOHbWtzttnS0mDePSQ6Ow09QgaxKpxBTau6TXryalIIXEKOyQgnu2JJxlbrC5g7iZkCl04-4zpK2G_TzPbJPFAiK8bPcdGlOv3klxyH2qXjclli5q5PH4MHKY6fg8SsZoe1Cx81FEU2eJ039avX0Y1-SOKhuH1HmbJTVNqxYa1Nv5C5La3xXSEmejY4HzAJkSkO-Sny9wuN4DQYq21M8Xpdq9dXVZanVu6kR-WfMUWIVS-7PyRDnWqF63WaDKhIF4l-fiege1kXB1MP7S7VyvCaK3kZdWcGcGABJriEXz6ABUNBSE7eVNIHJsSa8jC2R6eEuLesxFbr0PaGHNRoCpZGZBxu6_j62zwbKJUc2XDSwAknEcFs8zHunumoecb6RW_8XqniFdWwFE7KTGjJtB6zS8BrB3vG1fU07ZV0doZz3StGBtRjWr338V35_zRsbq4oPPg0n96tvZKDbMaUOPhqnDu6S9lbp3yet2MmkNVe_h12c2RQWcqqHYnKlnJlLn-GoQgvIwshbJrx8ImDse8Uu68E7SUBv65UPZsoyQBB782oWh5LZK258g797f-EVCWfBx2pPuW0LPbtagELgS9LbARKjqMNNP39xa_S7Ov_euwk_rYUrV4kwKbvqzKf07if2pdQeZ1fb635R1lAcHm64fxGVi4AfZDfbiMbCJkB48PsAZ8UNLugstxTaN3cc-CGuD8f7vsd767rS6saZVtQvcvlhh2TYEFJlO718VWKZaqc-61BYF_kl3pkM5_h4o3rE7ekgjEqcLshczTw2f2KvKx6qfGtSeMK2Ek4Vd7HHRt5XyUepu3lEDff2DDo4LBSEdY5cLTG92LBp8BK7Y8TGUzqH0UGr6_VWENSwFp5UUCt7EGYNa-Iy3ZTkJwQvMyvaIDJ1wxc8zafkAOj3hZsoPONLRQN0aaJ1vn4J7Kt3MqlN1cFAGRLWw

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pdxmonthly.com/	1969-12-31 23:59:59	Name: _ink_session Value: QFoexPtNtGl4wZWNutz88a%2BOhX2XKPSnWkZ7qrhxFYGlAqbvl2IYvIiUCUqoe%2FY3%2Fw0Fj0BCcPOE37CUiS%2FZB%2FFgmVfKRgMzDMBvapLk1G6EPya3KxrSps8UkXSaDEH5FeObeqpRAQkva5iLraexlpV3gvIuMb2fJxONfWAnMkmObi4RqUD1m1r8Ir5S%2Be0PqfexdIjqGpw7Qk706Ix%2Bxa%2FRZNW4VuW2u3dTNsS4k%2FGkN2oCF3u9U30%2FiZBhGaGf7ya6KbBpvfyLFgQvs5OrReG2exk%3D--qcfmteLzUWDsyl2v--VoHmctyOyG9ydMVUp%2F%2Fhiw%3D%3D
www.pdxmonthly.com/	1970-01-21 01:45:55	Name: csrf_token Value: ea2d85a5-d3b4-43cf-bacb-e1b362156315
.pdxmonthly.com/	1970-01-21 05:21:55	Name: __eoi Value: ID=c59b84711239bef7:T=1731763712:RT=1731763712:S=AA-AfjZPJKMo0RyPbZXvm6SvTGk2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://shant-bqd.com/zclkvisitor/a98dc775-a41e-11ef-bd49-0affd42622dd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b494bce0-9245-11ef-a9a7-0affcf01680d Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0540D8C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.termly.io
bam.nr-data.net
cloud.typography.com
csi.gstatic.com
d38psrni17bvxu.cloudfront.net
dce3e02dbd4b8f89b283bec5cb3e22dc.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
gmail.vuelosbaratosestambul.com
js-agent.newrelic.com
pagead2.googlesyndication.com
region1.google-analytics.com
res.cloudinary.com
securepubads.g.doubleclick.net
shant-bqd.com
tpc.googlesyndication.com
www.googletagmanager.com
www.pdxmonthly.com
ep1.adtrafficquality.google
162.247.241.14
185.53.177.72
2001:4860:4802:32::36
23.201.250.36
2600:9000:211e:5000:1d:4618:5c80:21
2602:816:5001::39
2606:4700::6812:1fea
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
2a00:1450:4017:800::2003
2a02:26f0:480:587::523
2a06:98c1:3120::3
44.218.142.108
01681015815e521e794d23f5d59fbd77f14c0cc7f103459c66629e5082cac75a
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
06c9757ac9dbcdbcfd2e65084b0b9d7a763cd54cc43fc3f388fcbf69e74537bb
0835ed072f731ec78db5732cc4dd0093c7547eabb7fb1ca69107d4145072c8b0
0c5ba30c20bbfc6d836b87e34c362e3c41efbe4d3adddfd7d7ef03c104a355f4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
13908fcaff3f0a96ca56be965c144593b97c78bb2c24918054eeab82bea877ed
183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83
1dbd261f3513164f9214c8cec44db35e9f1f2c6663573426eb7b130e7647f72a
1e3ae679257b1479aaf507761802c22783a37a62fe2c5edccaad812d03e681ab
2310e624b9596807db7f43f3ecbef3105116c2064693c5e2237215b4ca4a5b39
315f1fc61b335de294118acc062ef2540444afb33ecc80ee08582666d4d172c4
323bdc4b394aaf7983339dafaddb7c1a0e331ad4f2a94fe3a9f91e7f6912b96e
37e9cd0348eba340ca6258c385e4c591ad796105b8de7ff1aaa382f2dc4dea26
4086bc456e621ff51ffdadb062214c6a94f82ab18ad0cc4bb9244c2fe25f66b3
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
52fcd5590b64e3fd35e8b7ff9213362555e4986b2bfa112955db4661f31b97a9
5313b9b5ac5f506ccf018228df8b893f937e98bf2d7deb7ba4f1cca08ce0a891
5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed
5c7a344f57eb8277ce0c6143e67a8807adc1264f6116796c8268df14c5df4c0a
5d9da7af54ee0ef44620d602b314157bd02421719a00ea19881260a4ada92ea2
611d9075073501e4a040cbdcfee031520757fd405efd9cf44f80acaa901d13e5
63830acb0d440410efaa51d5a258b4497aec2c60797ec875146d58bf4bce9303
64ce5ab02629e99f998271105d7a8b1c8ba94471ef4dbbb8d1414c6a7f537547
666e65f73f023e4dbae8cd527ffb3817f36cd0b1aba02576db8183217ecee9b3
668d8d5ed461b617002c02ce837c25500fadba04c4ac7ad8d51e940ab12de531
670b099c0afcafae384298b91c16be944f4180369e9a73cd51631dccc3818544
68c46dbbfd1647259ff171497898ae0dd1aca68526dbc42ebb33ba5e877535ee
87c92ef0458b52d7516ca64ad925afa843324174e2c43af8f8bd123678a3ddc3
8aae341a298c3d4434562b1183af7b523bcf0913ef743ac0c53f2c77b1ebd4eb
907e2445658bbf3a41fadb482380bf32fb8af5f0a03516f5c251b06dfde6e2d0
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
95b47dd34505f76640c809e682ebcaed18646cacdfd321dfe291a81c22c30afc
979412301a67837c51dfa10da9396189a8f207ad2469b4e17bd6181f0a207563
a50e15bceaf61784485219338013c5d57378b13d8e3c9a75419f386c52c719eb
a598a8068948a33c6d9795d658bfa0d0810379a08c1c6334d7ee5a87849862e5
ad928b285128061ab57e848c741b189d069d00f2d7cc37c5a40dce3472d0a500
ada2d07836b5d37b5d38620c8a6b956894c82d6737b69c81c8058c4b99b89a7b
b6699b96fb4b18f8a928c194a7633e5633eea8beba582de476c5c0ee3be0fc6e
b981b475a7bb24086b9b0873f80d26ed024dcabd5664872ea4adddb5feb4dfe5
bd7b9189671a30cf30a66791c887b4d2af5afa113190d223d0049f822f4e399b
bf950787fafdd9bbaeaad3a85d8b9dd715a96ed68343b68adf0f696e64bdcc71
c3f8c3bc7ebaac81a342750c32a4d3605fee33737318eb342e4d6e10f5f1146e
d4bdd84a2e6be6ea13665b73767a53992763e0b5cffd676669b1c989f2424f3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7498b17f1da010b3fdfd34be08332a53ae8e11b63aa3b4673461260f7b55845
e974263e519df56cde7042710c71aedebed69d0a14443f81d7831ec3e2a31677
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f627f4067ec13855348d6c78f3ae30db739411c36acccf57ac7225131a9267
f5a19c9c90c71be41b5964987ee79d1e7e451633c05319a82dc999d354020244
f609e235bb68658dd6e32b71fc6560467cb296aa0343dc6d8d14959ec9009ebf
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.pdxmonthly.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

78 %IPv6

15 Domains

18 Subdomains

18 IPs

3 Countries

1845 kBTransfer

4493 kBSize

3 Cookies

29 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pdxmonthly.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1845 kB
Transfer

4493 kB
Size

3
Cookies

62 HTTP transactions
6 data transactions