urlscan.io logo urlscan.io
SecurityTrails logo

www.rethink.onl Open in urlscan Pro
68.178.233.66  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Submission: On September 17 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 48 HTTP transactions. The main IP is 68.178.233.66, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.rethink.onl. The Cisco Umbrella rank of the primary domain is 778035.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 24th 2022. Valid for: 3 months.
This is the only time www.rethink.onl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 68.178.233.66 26496 (AS-26496-...)
5 172.217.194.156 15169 (GOOGLE)
6 74.125.24.156 15169 (GOOGLE)
1 142.251.12.156 15169 (GOOGLE)
1 74.125.130.155 15169 (GOOGLE)
1 74.125.24.157 15169 (GOOGLE)
4 23.108.101.160 59253 (LEASEWEB-...)
4 23.44.1.119 16625 (AKAMAI-AS)
6 74.125.24.132 15169 (GOOGLE)
2 142.251.10.157 15169 (GOOGLE)
7 172.217.194.101 15169 (GOOGLE)
2 199.232.46.132 54113 (FASTLY)
48 13
7    68.178.233.66 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-68-178-233-66.ip.secureserver.net
www.rethink.onl
5    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
pagead2.googlesyndication.com
6    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads.g.doubleclick.net
1    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
partner.googleadservices.com
1    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
adservice.google.com.au
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
4    23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
4    23.44.1.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-119.deploy.static.akamaitechnologies.com
widgets.outbrain.com
6    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
2    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
www.googletagservices.com
7    172.217.194.101 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f101.1e100.net
fundingchoicesmessages.google.com
2    199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
215 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 75
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282
www.google.com Failed
48 KB
7 rethink.onl
www.rethink.onl — Cisco Umbrella Rank: 778035
64 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
33 KB
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1260
24 KB
4 zemanta.com
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 55430
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 40410
302 B
2 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2626
15 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
88 KB
1 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
698 B
48 10
Domain Requested by
7 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 www.rethink.onl www.rethink.onl
6 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.rethink.onl
5 pagead2.googlesyndication.com www.rethink.onl
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
4 widgets.outbrain.com googleads.g.doubleclick.net
widgets.outbrain.com
2 zem.outbrainimg.com googleads.g.doubleclick.net
2 b1t-sindc1.zemanta.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 b1-sindc1.zemanta.com www.rethink.onl
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.com.au pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
0 www.google.com Failed tpc.googlesyndication.com
48 14

This site contains links to these domains. Also see Links.

Domain
www.thelentorhillresidencescondo.sg
Subject Issuer Validity Valid
rethink.onl
cPanel, Inc. Certification Authority		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.outbrainimg.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Frame ID: 03F9FB42EA91D2C6BBDC52CC45FE50E6
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 56399F8932A6B90E790A506ED8833BE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Frame ID: 7045DBAB45348CF54E1C5E204AC7F69D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Frame ID: B336620787B5A54C033FFB00B2DD45DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&adk=1812271804&adf=3025194257&lmt=1663451771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771132&bpp=1&bdt=1183&idt=499&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90%2C1004x90&nras=1&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=503
Frame ID: 7E4365AAC3617C6CA55BCD2944D44D1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COFsye0ImY-XzK4rkvwTkgJxQmJmUjVydnLnVigrAjbcBEAEgAGClwKOApAGCARdjYS1wdWItMjI5MTgyNTgxNTU2MzE5N6ABxf-euQPIAQmoAwGqBNYBT9B6N1UNofTxoBzHP4J6CkOHZgaGEt1eopO-jq5guUK3l7ExGKsDrRA6_IrhjLIr0GN-bz6hvObXLidZUJqM2i3WbOr1XRmUZvEiYYyPRNlOr7zWRG0nSOuke7uzs7Io87axzNdRmMJd7xFaNAlzHnNqERRDfjQVaHLI04UZRISGT5__BZZu97xY2Xkoacp3AiqEBe7zDAZSSSL3k5cHqTzxusXaFq0prbd0DkAJfAP_ExWBYDIUoxYrRGtEu_02xneCpkY8LL1wePxXTEakqbFVw_DnaIAG94H1uPyt0-_XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyOTE4MjU4MTU1NjMxOTcYAA&sigh=4Q3rjg_pRsA&uach_m=[UACH]&cid=CAQSGwCsnQUxYejmiUFZUBIok5w0hPdZuoEdh2xnoBgB
Frame ID: C68E3D5D839D3B7C8F7938DA635BDD35
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CHQkZe0ImY4zOLOWGssUPo_eemAmYmZSNXJ2cudWKCsCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yMjkxODI1ODE1NTYzMTk3oAHF_565A8gBCagDAaoE1gFP0ISdETZlctgzhFx_e9q7gK1Jqmf4ifhCQ5t1Qt1Ngp5_7mHtaze8PV90whEUDFwEU2S99zeXGQdEOQON8D8bo3MpAE3pYldh9NE3RsHNDd_UNKlgYQHO0CqQeo44koINJtSPl07zKuEP445ChbE5qxuKuqo-QNBDvjxd2JHAKQFbEuH8M9ZOBhcDX29PNDBowiOjAuA0vdbLWulIGdgKWNtNr8E-K40xL8RFO50AKmOHhh5dkLH_9zuA4SGn8r6hNcxlMmjxK0oXQ7pWFgipJs6x_YB2gAb3gfW4_K3T79cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI5MTgyNTgxNTU2MzE5NxgA&sigh=IMG1MG6G81w&uach_m=[UACH]&cid=CAQSGwCsnQUxbz5x_gnbL-1odygXbr2lX4hb-rKNsRgB
Frame ID: 585B934B26C358C13D39AE806A90F379
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28997CC256DA0E952A2AE8B30AF6A326
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB6641A5D1D0E07DA5BFCAE3F4DF048A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

User magnussonwise80 - rethink

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

96 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

489 kB
Transfer

1365 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.rethink.onl/ 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache / PHP/7.4.30
Resource Hash
d5b545bb1c6a2c451aea73f0af54ae49a9febf5851d93e7cec2282921b0d678b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
2678
content-type
text/html; charset=utf-8
date
Sat, 17 Sep 2022 21:56:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.30
qa-styles.css
www.rethink.onl/qa-theme/SnowFlat/ 		71 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/qa-theme/SnowFlat/qa-styles.css?1.8.3
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
br
last-modified
Sat, 12 Jan 2019 20:22:42 GMT
server
Apache
etag
"2bc1214-11af1-57f4892dec880-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11487
jquery-3.3.1.min.js
www.rethink.onl/qa-content/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/qa-content/jquery-3.3.1.min.js
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
br
last-modified
Sat, 12 Jan 2019 20:22:42 GMT
server
Apache
etag
"2bc0ed3-15391-57f4892dec880-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
29719
qa-global.js
www.rethink.onl/qa-content/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/qa-content/qa-global.js?1.8.3
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
br
last-modified
Sat, 12 Jan 2019 20:22:42 GMT
server
Apache
etag
"2bc0ed6-5046-57f4892dec880-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4767
snow-core.js
www.rethink.onl/qa-theme/SnowFlat/js/ 		2 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/qa-theme/SnowFlat/js/snow-core.js?1.8.3
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
br
last-modified
Sat, 12 Jan 2019 20:22:42 GMT
server
Apache
etag
"2bc1258-94f-57f4892dec880-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
886
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e88edc55638d552782ad2361f5dee461aa4802a1009a2fab9c149675f9fc637b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52181
x-xss-protection
0
server
cafe
etag
11907985138091074247
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 21:56:10 GMT
fontello.woff
www.rethink.onl/qa-theme/SnowFlat/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rethink.onl/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer
https://www.rethink.onl/qa-theme/SnowFlat/qa-styles.css?1.8.3
Origin
https://www.rethink.onl
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2016 20:01:58 GMT
server
Apache
etag
"2bc121a-1c20-5387b41b3f980-br"
vary
Accept-Encoding
content-type
font/woff
accept-ranges
bytes
content-length
7131
spinner-icon-14x14.gif
www.rethink.onl/qa-theme/SnowFlat/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethink.onl/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.233.66 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-68-178-233-66.ip.secureserver.net
Software
Apache /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/qa-theme/SnowFlat/qa-styles.css?1.8.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:10 GMT
last-modified
Sat, 12 Jan 2019 20:15:15 GMT
server
Apache
accept-ranges
bytes
etag
"2bc1228-1e65-57f48783a1ac0"
content-length
7781
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/ 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
95df3f70d31411f335dcb9ebea2d9aea991534d67c6694934e0da940ba204177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125740
x-xss-protection
0
server
cafe
etag
9128484219058536254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 21:56:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 5639 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
54971
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:40:00 GMT
etag
9671129459699598864
expires
Sat, 01 Oct 2022 06:40:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		389 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.rethink.onl&callback=_gfp_s_&client=ca-pub-2291825815563197&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
0cdc2ec90c141b484a670f548541b7656c75ced39dc6e1de34cf555327973290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.rethink.onl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.rethink.onl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7045 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
0396121f9ef1ea9d32ce7b339c8e169d7e8b838868f10c870c73f5eb87babe8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11634
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 21:56:11 GMT
expires
Sat, 17 Sep 2022 21:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B336 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
f538c19b740a008f0ddf24066175975c4d5cb0b8339ee895b0c74bf5278987a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11669
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 21:56:12 GMT
expires
Sat, 17 Sep 2022 21:56:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7E43 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&adk=1812271804&adf=3025194257&lmt=1663451771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771132&bpp=1&bdt=1183&idt=499&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90%2C1004x90&nras=1&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=503
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
64d63fe7bd90ac642f8308be314268501a0c7d0f3ba83b24198b1a4e773c8413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4950
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 21:56:12 GMT
expires
Sat, 17 Sep 2022 21:56:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame C68E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COFsye0ImY-XzK4rkvwTkgJxQmJmUjVydnLnVigrAjbcBEAEgAGClwKOApAGCARdjYS1wdWItMjI5MTgyNTgxNTU2MzE5N6ABxf-euQPIAQmoAwGqBNYBT9B6N1UNofTxoBzHP4J6CkOHZgaGEt1eopO-jq5guUK3l7ExGKsDrRA6_IrhjLIr0GN-bz6hvObXLidZUJqM2i3WbOr1XRmUZvEiYYyPRNlOr7zWRG0nSOuke7uzs7Io87axzNdRmMJd7xFaNAlzHnNqERRDfjQVaHLI04UZRISGT5__BZZu97xY2Xkoacp3AiqEBe7zDAZSSSL3k5cHqTzxusXaFq0prbd0DkAJfAP_ExWBYDIUoxYrRGtEu_02xneCpkY8LL1wePxXTEakqbFVw_DnaIAG94H1uPyt0-_XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyOTE4MjU4MTU1NjMxOTcYAA&sigh=4Q3rjg_pRsA&uach_m=[UACH]&cid=CAQSGwCsnQUxYejmiUFZUBIok5w0hPdZuoEdh2xnoBgB
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 17 Sep 2022 21:56:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 17 Sep 2022 21:56:12 GMT
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/8b12cad6-36d3-11ed-a78d-493b7f937c88/YyZCewAK-eUKj_IKAAcAZNczuRWo2tzGqW98HA/2ABIMRDTCNGN2B4XHUJ4XBMQRQB2M5CAS4XRWLIICI5DFG3TSPQO5XHX42OTFL5JIDNFUL... Frame C68E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/8b12cad6-36d3-11ed-a78d-493b7f937c88/YyZCewAK-eUKj_IKAAcAZNczuRWo2tzGqW98HA/2ABIMRDTCNGN2B4XHUJ4XBMQRQB2M5CAS4XRWLIICI5DFG3TSPQO5XHX42OTFL5JIDNFULNDETA6PENT2VQZYKJVBCDDBBELUMHNZU627WYJO4ZW2MXJY6TDEVRZYBNXDUVR44E7U5QVNRUJGJ5NMYWBEBJQ2TPGFMYKBUTKATTIFSY75AJDR5USD5CGRLIQHTJD3H6SUX3Z3GDTM3SONZORBY35NSBPCEPOXMNVPEW5S63NTNGMZT6HWTFMVMKUL75FY4YU4SIKY7JXH5DEF3LBW3P5BZA7O7TSXQ5U7OKCGRITBVSMRGS4R4AFOHBJMQNRA5LAW3AJYLZ7VR7YRPE74OKUDGUMYIWXC27WHKLMK7UK3YGKLWLJJC32JBDHCZ3YZT37XHUDGODJOU6BBD6IXC4DX265WKD2PI7QVNOHUW24LMUMAGEAFETT5ZFI6FQH7DWSSXT6O6CQOSMGVVYEJFCRCVMPNN4EA6DJEY4HI4O5IJGUH2QMZMT25WAE/?
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 17 Sep 2022 21:56:12 GMT
Content-Length
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame C68E 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
799c6a46b59ca90e892ddb0de5cb93498b0561486a57fc5f71c8be88d4be4f55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 10:45:38 GMT
server
AkamaiNetStorage
etag
"a8695c07198a4bda99056828c2bfd957:1662634305.126758"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8914
expires
Sun, 18 Sep 2022 01:56:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C68E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 21:19:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C68E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 20:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 20:50:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C68E 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 21:56:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 585B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHQkZe0ImY4zOLOWGssUPo_eemAmYmZSNXJ2cudWKCsCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0yMjkxODI1ODE1NTYzMTk3oAHF_565A8gBCagDAaoE1gFP0ISdETZlctgzhFx_e9q7gK1Jqmf4ifhCQ5t1Qt1Ngp5_7mHtaze8PV90whEUDFwEU2S99zeXGQdEOQON8D8bo3MpAE3pYldh9NE3RsHNDd_UNKlgYQHO0CqQeo44koINJtSPl07zKuEP445ChbE5qxuKuqo-QNBDvjxd2JHAKQFbEuH8M9ZOBhcDX29PNDBowiOjAuA0vdbLWulIGdgKWNtNr8E-K40xL8RFO50AKmOHhh5dkLH_9zuA4SGn8r6hNcxlMmjxK0oXQ7pWFgipJs6x_YB2gAb3gfW4_K3T79cBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI5MTgyNTgxNTU2MzE5NxgA&sigh=IMG1MG6G81w&uach_m=[UACH]&cid=CAQSGwCsnQUxbz5x_gnbL-1odygXbr2lX4hb-rKNsRgB
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 17 Sep 2022 21:56:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 17 Sep 2022 21:56:12 GMT
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/8b1647e4-36d3-11ed-9475-e52430e9059e/YyZCewALJwwCrINlAAe7o8N4K4mATraP3M51Hg/ARTD6F3O2AABVXIWGPOFMXVMCZZYQ2GUPJHTM4AICI5DFG3TSPQIH7SE5FYQ3M775BUI3A... Frame 585B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/8b1647e4-36d3-11ed-9475-e52430e9059e/YyZCewALJwwCrINlAAe7o8N4K4mATraP3M51Hg/ARTD6F3O2AABVXIWGPOFMXVMCZZYQ2GUPJHTM4AICI5DFG3TSPQIH7SE5FYQ3M775BUI3AP3IFW4H7TYESFBBAS7ECDDBBELUMHNZU627WYJO4ZW2MXJY6TDEVRZYBNXDGOSI5SEC7WSZO7LCQBUVL4J4JJQ2TPGFMYKBUTKATTIFSY75AJDR5USD5CGRLIQHTJD3H6SUX3Z3GDTM3SONZORBY35NSBPCEPOXMNVPEW5S63NTNGOUZQ4I7CNL4RPXMTQNV53WEYOUAX7BZXEJI3WUSDZNYR2LJSOROZ7CQX3AAX2PI4OSW4NGQEWZTLLAYA5ZOGUCEDYGEWDLWM2C3X3VMGM7LL6TAGSRX5JL7JEKAZJAGV5K4WC4W7HM4KPTHJDBQTYI3DEM4AEKA5SRIEBTLVOWDYSAUZ4DIISNZRYWXRUPX5IJKIHCJP7AGRLTYTUKPWQKSQVD77LI6PYGCVZTEHZXEBUKU35IGYSMKRITBGIHJCNMNU3AV53TKZJEFOBHXN6JZXXY/?
Requested by
Host: www.rethink.onl
URL: https://www.rethink.onl/index.php?qa=user&qa_1=magnussonwise80
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 17 Sep 2022 21:56:12 GMT
Content-Length
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame 585B 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
799c6a46b59ca90e892ddb0de5cb93498b0561486a57fc5f71c8be88d4be4f55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 10:45:38 GMT
server
AkamaiNetStorage
etag
"a8695c07198a4bda99056828c2bfd957:1662634305.126758"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8914
expires
Sun, 18 Sep 2022 01:56:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 585B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 21:19:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 585B 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 20:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 20:50:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 585B 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 21:56:12 GMT
ca-pub-2291825815563197
fundingchoicesmessages.google.com/i/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2291825815563197?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
3703c7102039fa5a8ff6191f45e17b1c1ec2c166e0ee2000bf4fe62a48ef337d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bc9dAvawXbAwWg5wk8nJJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-Bc9dAvawXbAwWg5wk8nJJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVQ2Etk9d22xysfKoxYEcUmJcKIcqPyfVhBQ7VdXC2-jHc-Jv-TkpMJ29QVSmZL4OKkO_jqOeTtE725CqDAF18=
fundingchoicesmessages.google.com/f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVQ2Etk9d22xysfKoxYEcUmJcKIcqPyfVhBQ7VdXC2-jHc-Jv-TkpMJ29QVSmZL4OKkO_jqOeTtE725CqDAF18=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNDUxNzczLDIwMDAwMDBdLCIzN0VBMjNGMC01MjFDLTQ0OEMtQkZEMy01ODM3OEQ3QkE0QkEiLG51bGwsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vd3d3LnJldGhpbmsub25sL2luZGV4LnBocCIsbnVsbCxbWzgsIjNuSEhSSElYUTZ3Il0sWzksImVuLUdCIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
e58bd0e8921472a0787d0e078be7e753b76b50dd825a32fa3e9659a7b2249020
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vQhQidWD0xDtfztR5MS-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vQhQidWD0xDtfztR5MS-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Sat, 17 Sep 2022 21:56:13 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame C68E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 17 Oct 2022 21:56:13 GMT
/
b1t-sindc1.zemanta.com/t/imp/impression/X5YJQ22YXHDYCIWLFNK45BK7RLSACSDVHNU3GFEZWP35LFSEBJ26ZVDEGG7OQC256UIJ2PDKWBO4PGFWIUS35SJTGJ2D24NVQLQS7HE34OMY5DJEMOIPYZ536KOKKKCK4PAN5XEWRDHPYBAIX56NNXVTSZ6HO... Frame C68E 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/X5YJQ22YXHDYCIWLFNK45BK7RLSACSDVHNU3GFEZWP35LFSEBJ26ZVDEGG7OQC256UIJ2PDKWBO4PGFWIUS35SJTGJ2D24NVQLQS7HE34OMY5DJEMOIPYZ536KOKKKCK4PAN5XEWRDHPYBAIX56NNXVTSZ6HOVWAHYFITV2JKNEDKHOZPCRV6HFSZ3D6LUKLS73M7T4L5YBHAHKH7JJI5JC7BICH3JBVGWJLHEHGN4OV24RDDVSATMH2HWZ3HGCANLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZMSZCPVHQVNS53EFA2R5WBLH4ANWRJXJJD7AOLNZ7IXOATJ4OR2HPJIDZPGUSKOHEI/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 21:56:13 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame C68E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a8900cf7f627e6bb3e1186df1b43e29df9e80ade01e5a7d6dcfd8f201772161

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
814e1db4da5ee8dacf7743184e5242f2c0.jpg
zem.outbrainimg.com/p/srv/sha/a2/48/a5/ Frame C68E 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/a2/48/a5/814e1db4da5ee8dacf7743184e5242f2c0.jpg?w=180&h=90&fit=crop&crop=faces&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=1199968654&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771114&bpp=4&bdt=1165&idt=482&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&correlator=2619408717534&frm=20&pv=2&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=T9XEXJ0OhD&p=https%3A//www.rethink.onl&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
aa336a0104201925b74ed7fc2bd9f9a738d0aec32d2b229f09c1e27480f4fac0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1994983
x-cache
HIT, MISS, HIT
x-imgix-id
361c808dd77d7649d09d8116a4ea7122cb6bdf48
content-length
7524
x-imgix-render-farm
01.1
last-modified
Thu, 25 Aug 2022 19:46:29 GMT
server
imgix
x-timer
S1663451774.530182,VS0,VE1
x-served-by
cache-sjc10037-SJC, cache-qpg1256-QPG, cache-qpg1273-QPG
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
1
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 585B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 17 Oct 2022 21:56:13 GMT
/
b1t-sindc1.zemanta.com/t/imp/impression/X5YJQ22YXHDYDTZQA32DXNQ4P3SACSDVHNU3GFEXXJXE4T43K3MR5OKBDWPRE52PPTBEPPY5PBDOND7X6XU3NQIH3A2PXBMQQLYSUO6LUR4UGISMVYZU5OUIUWGJPD5GBNVKTEF3Z6OZ6BAIX56NNXVTSZ6HO... Frame 585B 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/X5YJQ22YXHDYDTZQA32DXNQ4P3SACSDVHNU3GFEXXJXE4T43K3MR5OKBDWPRE52PPTBEPPY5PBDOND7X6XU3NQIH3A2PXBMQQLYSUO6LUR4UGISMVYZU5OUIUWGJPD5GBNVKTEF3Z6OZ6BAIX56NNXVTSZ6HOVWAHYFITV2JKNEDKHOZPCRV6HFSZ3D6LUKLS73M7T4L5YBHAHKH7JJI5JC7BICH3JBVGWJLHEHGN4OV24RDDVSATMH2HWZ3HGCAJLGKSUG6DYLFZXSBKTNIEAINCQLDQZ6VU62MLK3Q3OHW2Z5KIDEBBWTAQQ43BXPXO7IL3OLUI3GFOLRW47PMNELA2TSVGUZY2P476C3WCR4MROEEYFFMU56I7IPRAHXL/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 21:56:13 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame 585B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9defa11678759214ad819981a2123fa3cf67e2dc34d61a897e3d7e0e579ef4f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
814e1db4da5ee8dacf7743184e5242f2c0.jpg
zem.outbrainimg.com/p/srv/sha/a2/48/a5/ Frame 585B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/a2/48/a5/814e1db4da5ee8dacf7743184e5242f2c0.jpg?w=180&h=90&fit=crop&crop=faces&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2291825815563197&output=html&h=90&slotname=%3Cscript%20async%20src%3D%22https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%22%3E%3C%2Fscript%3E%20%3C!--%20Rethink%20top%20--%3E%20%3Cins%20class%3D%22adsbygoogle%22%20style%3D%22display%3Ablock%22%20data-ad-client%3D%22ca-pub-2291825815563197%22%20data-ad-slot%3D%225240559096%22%20data-ad-format%3D%22auto%22%20data-full-width-responsive%3D%22true%22%3E%3C%2Fins%3E%20%3Cscript%3E%20(adsbygoogle%20%3D%20window.adsbygoogle%20%7C%7C%20%5B%5D).push(%7B%7D)%3B%20%3C%2Fscript%3E&adk=3461795557&adf=306952042&pi=t.ma~as.%3Cscript%20async%20src%3D%22_&w=1004&fwrn=4&fwrnh=100&lmt=1663451771&rafmt=2&psa=0&format=1004x90&url=https%3A%2F%2Fwww.rethink.onl%2Findex.php%3Fqa%3Duser%26qa_1%3Dmagnussonwise80&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663451771118&bpp=1&bdt=1169&idt=508&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1004x90&correlator=2619408717534&frm=20&pv=1&ga_vid=6337307.1663451772&ga_sid=1663451772&ga_hid=652872977&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C42531705%2C44767166%2C31069538%2C44772487&oid=2&pvsid=1450867363580783&tmod=135291706&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lw0pDtCawb&p=https%3A//www.rethink.onl&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
aa336a0104201925b74ed7fc2bd9f9a738d0aec32d2b229f09c1e27480f4fac0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1994983
x-cache
HIT, MISS, HIT
x-imgix-id
361c808dd77d7649d09d8116a4ea7122cb6bdf48
content-length
7524
x-imgix-render-farm
01.1
last-modified
Thu, 25 Aug 2022 19:46:29 GMT
server
imgix
x-timer
S1663451774.530261,VS0,VE1
x-served-by
cache-sjc10037-SJC, cache-qpg1256-QPG, cache-qpg1273-QPG
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
2
AGSKWxUhWFcEb0Tu75JvWVQf7NlVx6z9YZVib4vyTmNFL-8-jeak7kTWEVf7APDhbDAZr0ObUX1t3IewsQuD9oBxYKDPbD4Ik-voYElyGD8H9ln62FKoifOvORu7CZu0UJW68ksGLI86cw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUhWFcEb0Tu75JvWVQf7NlVx6z9YZVib4vyTmNFL-8-jeak7kTWEVf7APDhbDAZr0ObUX1t3IewsQuD9oBxYKDPbD4Ik-voYElyGD8H9ln62FKoifOvORu7CZu0UJW68ksGLI86cw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0_fnDs-kpCpKQFWKEJI_1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.rethink.onl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0_fnDs-kpCpKQFWKEJI_1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW7OQvrse1N3mvoJBmGLmZbQL1QoUHrIN5tIuv1vwLo1yLSiAaaqGsP04FJTpE131s8pMfAKFpoZ70xZtlytxD9-w_JbR_S2GOKyk5Tjqzm8-51V0kFu9_yUbeK8l_byKUpoXnr8g==
fundingchoicesmessages.google.com/f/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW7OQvrse1N3mvoJBmGLmZbQL1QoUHrIN5tIuv1vwLo1yLSiAaaqGsP04FJTpE131s8pMfAKFpoZ70xZtlytxD9-w_JbR_S2GOKyk5Tjqzm8-51V0kFu9_yUbeK8l_byKUpoXnr8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNDUxNzczLDUzMDAwMDAwMF0sIjM3RUEyM0YwLTUyMUMtNDQ4Qy1CRkQzLTU4Mzc4RDdCQTRCQSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cucmV0aGluay5vbmwvaW5kZXgucGhwIixudWxsLFtbOCwiM25ISFJISVhRNnciXSxbOSwiZW4tR0IiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
9af430336e9ec29033b92b7330038a638bfd52479ec481d4b0f27941e9491934
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C2JeF-Ooa4I-GSdm0ecw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-C2JeF-Ooa4I-GSdm0ecw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
42bf548dbe2a7e1198281ea48675707f85b883f71502832da4b99c71421565ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 21:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11243
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_fy2021.js?bust=31069538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 21:56:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C68E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiF2_9eprnZ3W3QTtu3YAh4wwDh9By2rMvHpvk4eZpYLJnFZQNe9houkAhdktV0TqI1xM06c892HArsQWsz9w57WtW&sig=Cg0ArKJSzDIK4Da7XapUEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3461795557&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663451772103&rpt=1522&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 21:56:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.5240463725581666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-W_NFT4ZxnM2vxJhLJ80EVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-W_NFT4ZxnM2vxJhLJ80EVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options
SAMEORIGIN
date
Sat, 17 Sep 2022 21:56:14 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.650949611696467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uFttGYWwNAlmPCUOaOWF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.rethink.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uFttGYWwNAlmPCUOaOWF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options
SAMEORIGIN
date
Sat, 17 Sep 2022 21:56:14 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 585B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQl1zlBGKgo8NywVKuV1tuNbs5RKdE0K_RwRumxKrrF9XEWpsPqCmSIcPasAqeUuO3Jq7FDjQtPHJf5uTYonw9-C03&sig=Cg0ArKJSzOsSjE94eDy7EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3461795557&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663451772146&rpt=1618&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 21:56:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2899 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
528064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 19:15:10 GMT
expires
Mon, 11 Sep 2023 19:15:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB66 		0
0
AGSKWxUBuZfxSPkpDKY-bzSIIwX22-V1h327i_FQh6jKy-knVHzx3-U9oC3CU42sBaZImq5Nhq6VXyI61SABqAfA0cj_4WOHlvdPcyfhyZbZiPJSa__uKY3q2XE-YqHPjhVy8xnG8RbSAA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUBuZfxSPkpDKY-bzSIIwX22-V1h327i_FQh6jKy-knVHzx3-U9oC3CU42sBaZImq5Nhq6VXyI61SABqAfA0cj_4WOHlvdPcyfhyZbZiPJSa__uKY3q2XE-YqHPjhVy8xnG8RbSAA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjEPcW1DhLR0h6VxZ6n_XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rethink.onl/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 21:56:15 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.rethink.onl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjEPcW1DhLR0h6VxZ6n_XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 2899 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YzZjNTUxYzNiODVjN2Q0ZGxvYWRlcl9qcw== string| YzZjNTUxYzNiODVjN2Q0ZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| googletag

5 Cookies

Domain/Path Name / Value
www.rethink.onl/ Name: PHPSESSID
Value: e57eb51fc4f7f491026084fdbda51022
www.rethink.onl/ Name: qa_key
Value: e7wbzb6j9m9d46fl4gvyes3t2uygqwy5
.rethink.onl/ Name: __gads
Value: ID=33b553f8c6b0facd-2226b7d7a4d600d4:T=1663451772:RT=1663451772:S=ALNI_MYRfSNPVImQkZABkzSX4_2yiZWy2Q
.rethink.onl/ Name: __gpi
Value: UID=000009cc51da1a0f:T=1663451772:RT=1663451772:S=ALNI_MYBkRCRSSgZNXKQhETVCiJF5bO4vQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkZH_8bng4Ps7w6Mb1CCr2o1GH0-6fhPU1hSLtLxOuJhSICZbeyafIvzVYg_mw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
www.rethink.onl
zem.outbrainimg.com
pagead2.googlesyndication.com
www.google.com
142.251.10.157
142.251.12.156
172.217.194.101
172.217.194.156
199.232.46.132
23.108.101.160
23.44.1.119
68.178.233.66
74.125.130.155
74.125.24.132
74.125.24.156
74.125.24.157
0396121f9ef1ea9d32ce7b339c8e169d7e8b838868f10c870c73f5eb87babe8a
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0cdc2ec90c141b484a670f548541b7656c75ced39dc6e1de34cf555327973290
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3703c7102039fa5a8ff6191f45e17b1c1ec2c166e0ee2000bf4fe62a48ef337d
3a8900cf7f627e6bb3e1186df1b43e29df9e80ade01e5a7d6dcfd8f201772161
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
42bf548dbe2a7e1198281ea48675707f85b883f71502832da4b99c71421565ea
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d63fe7bd90ac642f8308be314268501a0c7d0f3ba83b24198b1a4e773c8413
799c6a46b59ca90e892ddb0de5cb93498b0561486a57fc5f71c8be88d4be4f55
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
95df3f70d31411f335dcb9ebea2d9aea991534d67c6694934e0da940ba204177
9af430336e9ec29033b92b7330038a638bfd52479ec481d4b0f27941e9491934
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9defa11678759214ad819981a2123fa3cf67e2dc34d61a897e3d7e0e579ef4f3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa336a0104201925b74ed7fc2bd9f9a738d0aec32d2b229f09c1e27480f4fac0
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
d5b545bb1c6a2c451aea73f0af54ae49a9febf5851d93e7cec2282921b0d678b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58bd0e8921472a0787d0e078be7e753b76b50dd825a32fa3e9659a7b2249020
e88edc55638d552782ad2361f5dee461aa4802a1009a2fab9c149675f9fc637b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f538c19b740a008f0ddf24066175975c4d5cb0b8339ee895b0c74bf5278987a2
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a