thesmokering.com Open in urlscan Pro
69.64.33.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://thesmokering.com/
Submission Tags: falconsandbox
Submission: On May 27 via api (May 27th 2021, 7:23:50 pm UTC) from US

Summary HTTP 101 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 101 HTTP transactions. The main IP is 69.64.33.70, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is thesmokering.com.

This is the only time thesmokering.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	69.64.33.70 69.64.33.70	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::8b	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f13... 2a03:2880:f132:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
101	17

43 69.64.33.70 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: netrelief.com

thesmokering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thesmokering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::8b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

groups.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f132:83:face:b00c:0:25de (Dublin, Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	thesmokering.com thesmokering.com www.thesmokering.com	2 MB
20	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	351 KB
11	doubleclick.net googleads.g.doubleclick.net	42 KB
10	facebook.com www.facebook.com	161 KB
7	google.com 3 redirects groups.google.com www.google.com adservice.google.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
3	googletagservices.com www.googletagservices.com	101 KB
2	fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	10 KB
2	google.de adservice.google.de	921 B
1	googleapis.com fonts.googleapis.com	687 B
1	googleadservices.com partner.googleadservices.com	645 B
101	11

	Domain	Requested by
41	thesmokering.com	thesmokering.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.facebook.com	thesmokering.com www.facebook.com
8	pagead2.googlesyndication.com	thesmokering.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.thesmokering.com	thesmokering.com
2	www.gstatic.com	thesmokering.com googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	groups.google.com	thesmokering.com
101	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
groups.google.com
www.soezzy.com
www.thesmokering.com
www.netrelief.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://thesmokering.com/
Frame ID: C7130B0C95D6D803C44C2146ECD44D19
Requests: 57 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Frame ID: F82BF711436F979DDA7DCCB28053AFD2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215
Frame ID: DDFD3AB616452DA918293B2F9E6033BC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162
Frame ID: 6A5B52ADAF43200552F16764E219EBDD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622141203&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411454&bpp=5&bdt=913&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1VmelG23x2&p=http%3A//thesmokering.com&dtd=161
Frame ID: 6DAE78CEF82D5EEB8ADA51A206EA3C43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 01569B7573CF33B39F9E3D97776FA1D1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 788AA756EC5AC902378E2821EEAC40FB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 47DE2FB17E36CE26339B6083A1EA51EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 09AD76AF99CF0286019FB3D2875BF832
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622141203&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622143412523&bpp=2&bdt=1982&idt=2&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0d00063f2b7b83c8-224cd86329c8005a%3AT%3D1622143411%3ART%3D1622143411%3AS%3DALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8ZXkPc5suDNz6LzF6_V5um4cqEQrLBuCAiS58A4ENF8uQuiVS6Yst9h8VubUOpTm1sibuw2RrxVEQ%2CAGkb-H9yV0AJPujp9lChj3XKLGmOCk99fOr0SyWhQPayHOWXoY3SdCquEvIu8bnYH9m0j7cAaNkfZ7GDX1Uy3Q&pvsid=195553685318947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25
Frame ID: 8226D5541352C2B1BA63AA979F871C0B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 723BCD9DEB89CACD5A1D722ED334E0C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01948DF6321E83C422CCDF722B35C9F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Joomla (CMS) Expand

Overall confidence: 100%
Detected patterns

html /(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)\/com_|<table[^>]+class="pill)/i
meta generator /Joomla!(?: ([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)\/com_|<table[^>]+class="pill)/i
meta generator /Joomla!(?: ([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /mootools.*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

101
Requests

56 %
HTTPS

88 %
IPv6

11
Domains

17
Subdomains

17
IPs

4
Countries

3120 kB
Transfer

4419 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/pages/The-Smoke-Ring/54370494536
Title:

Search URL Search Domain Scan URL

URL: http://groups.google.com/group/SmokeRingBBQ
Title: Visit this group

Search URL Search Domain Scan URL

URL: http://www.soezzy.com/

Search URL Search Domain Scan URL

URL: http://www.thesmokering.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.netrelief.com/
Title: netRelief Consulting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://groups.google.com/groups/img/3/groups_bar.gif HTTP 307
https://groups.google.com/groups/img/3/groups_bar.gif

Request Chain 26

http://www.google.com/cse/brand?form=cse-search-box%3C=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 45

http://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355 HTTP 307
https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

101 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
thesmokering.com/ 37 KB
10 KB 648ms
493ms Document
text/html 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: df6fe9bd5ecef4a9ef720db4db9602fb17a092676ab448f7d3ec4b886b04ae7d

Request headers

Host: thesmokering.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3; path=/
Last-Modified: Thu, 27 May 2021 18:46:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9813
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK style.css
thesmokering.com/components/com_jcomments/tpl/default/ 14 KB
3 KB 188ms
164ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f10c42a2b0dc0a3058c6c0b986125c1625ce4de4ad4e1f9e39e811ca971ce187

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3861-550d488f61c42-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3154

GET
H/1.1 200
OK modal.css
thesmokering.com/media/system/css/ 1 KB
777 B 304ms
275ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/css/modal.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0bebc26684519b54ae335b937fa0a1092b472b2c6824b06a58884f8318b92e40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "487-550d4895032c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 433

GET
H/1.1 200
OK mootools.js Show response
thesmokering.com/media/system/js/ 73 KB
20 KB 485ms
164ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/mootools.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "122c2-550d489505201-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20347

GET
H/1.1 200
OK caption.js Show response
thesmokering.com/media/system/js/ 2 KB
1 KB 482ms
160ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/caption.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "7ab-550d4895032c1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 921

GET
H/1.1 200
OK modal.js Show response
thesmokering.com/media/system/js/ 10 KB
3 KB 517ms
165ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/modal.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 03d34432f9a8d245c766530864c54eb38da44eddd8dba7d04b8b8642533aab6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "295c-550d489504261-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3111

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
thesmokering.com/media/system/js/ 93 KB
33 KB 615ms
159ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/jquery-1.7.2.min.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "17278-550d489505201-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33622

GET
H/1.1 200
OK ads.js Show response
thesmokering.com/media/system/js/ 2 KB
1 KB 610ms
152ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/ads.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 92dfa39c819c8fa384420fd0e0d4f2b5b886dd691b1977cce5bd1cd77e3ae2a6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Aug 2017 16:12:19 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "60e-5580ee8acda47-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 774

GET
H/1.1 200
OK template_css.css
thesmokering.com/templates/rt_versatility4_j15/css/ 24 KB
5 KB 320ms
291ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/template_css.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 2e7fd02690c2b3ac12a055a1d86ef18a7d3b2b6c85c5531146f0d230543f9d78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "61e0-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4913

GET
H/1.1 200
OK menustyle1.css
thesmokering.com/templates/rt_versatility4_j15/css/ 1 KB
814 B 302ms
272ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: fb006755b2d123db10b3930cda8234ec7bb37a1f3540f17eb1638070309b28a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "555-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 470

GET
H/1.1 200
OK style9.css
thesmokering.com/templates/rt_versatility4_j15/css/ 18 KB
3 KB 318ms
288ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f096f07e076d84ac7a0f534eaf028ca2ddd4443647d9da4bad29b5dd0462acc6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4808-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2651

GET
H/1.1 200
OK typography.css
thesmokering.com/templates/rt_versatility4_j15/css/ 7 KB
2 KB 310ms
280ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/typography.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 3ac369148d079f0d001ec6665651810a454c2caab0a512bd5aae4bdc1571aa0b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1b56-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1443

GET
H/1.1 200
OK system.css
thesmokering.com/templates/system/css/ 1 KB
861 B 350ms
163ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/system/css/system.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "569-550d489609de1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 518

GET
H/1.1 200
OK general.css
thesmokering.com/templates/system/css/ 3 KB
1 KB 454ms
151ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/system/css/general.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "ad9-550d489609de1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 762

GET
H/1.1 200
OK rokslidestrip.css
thesmokering.com/templates/rt_versatility4_j15/css/ 538 B
629 B 456ms
153ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/rokslidestrip.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: e2e98876ea28211c939ec8659ebbc2349a8040ab6fe7798b2f1f9b9bf89e9099

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "21a-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 286

GET
H/1.1 200
OK rokmoomenu.css
thesmokering.com/templates/rt_versatility4_j15/css/ 1 KB
749 B 464ms
154ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/rokmoomenu.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8277ada3d1ccd0b1f23a28587ba5c3346b4c6afa9d5a7b7d4c04e51c7b6cb086

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "47e-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 406

GET
H/1.1 200
OK roksameheight.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 589 B
691 B 619ms
154ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/roksameheight.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: d55c65b246a876f75cce868400d9d8f54880cceaff2ea0aaeec5c2aa2731db05

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "24d-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 334

GET
H/1.1 200
OK rokslidestrip.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 5 KB
2 KB 640ms
160ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokslidestrip.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 014a5a330356f54c97229892cd15e816d39fda883442930e13f39c7eb247ab91

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "14a1-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1699

GET
H/1.1 200
OK rokfonts.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 2 KB
1 KB 680ms
164ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokfonts.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0a17318dcebcff96868ba5a8e58c6dc8cbc505abfd042190b66b0b116d037cee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "66e-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1023

GET
H/1.1 200
OK rokmoomenu.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 4 KB
3 KB 760ms
152ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokmoomenu.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8c97cfb05def8a6ee856da0e7e3a9e9da8e431361152a06cfbfe4e270040abba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "11f2-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2305

GET
H/1.1 200
OK mootools.bgiframe.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 964 B
1000 B 771ms
158ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/mootools.bgiframe.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f3148089ed8727c786141478e43f096a8ff06bce4141ce8aeabe9bfb662e1a4c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=sb4u9prumdhb8a550k0mpkdao3
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3c4-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 643

GET
H/1.1 200
OK SmokeRingLogo.jpg
thesmokering.com//images/stories/ 19 KB
19 KB 161ms
159ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com//images/stories/SmokeRingLogo.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: c88189664b52efac0b21fb0b7eca62e131aecc86422278a34936b00e14f87e9e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4b2c-550d4894a3781"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 19244

GET
H/1.1 200
OK findusonfacebook.jpg
thesmokering.com//images/stories/ 2 KB
2 KB 154ms
152ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com//images/stories/findusonfacebook.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "8cc-550d4894a4721"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2252

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
33 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 27 May 2021 19:23:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1977833837501118871
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 32965
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 19:23:31 GMT

GET
H/1.1 200
OK damian.jpg
thesmokering.com/images/stories/ 8 KB
8 KB 153ms
151ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/damian.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 12c49b8251759efdfda0bb5f904b1c3ccf50c48652f00257be09653bf576ca18

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "2033-550d4894a3781"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8243

GET
H/1.1 200
OK findusonfacebook.jpg
thesmokering.com/images/stories/ 2 KB
2 KB 171ms
169ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/findusonfacebook.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "8cc-550d4894a4721"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2252

GET
H2

404

groups_bar.gif
groups.google.com/groups/img/3/
Redirect Chain

http://groups.google.com/groups/img/3/groups_bar.gif
https://groups.google.com/groups/img/3/groups_bar.gif

0
0

574ms
545ms

Image
text/html

2a00:1450:400c:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.google.com/groups/img/3/groups_bar.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location: https://groups.google.com/groups/img/3/groups_bar.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.com/cse/brand?form=cse-search-box%3C=en
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
age: 5714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Fri, 28 May 2021 17:48:17 GMT

Redirect headers

Date: Thu, 27 May 2021 19:23:31 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 19:53:31 GMT

GET
H/1.1 200
OK soezzy_banner.gif
www.thesmokering.com/ads/ 14 KB
14 KB 431ms
285ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.thesmokering.com/ads/soezzy_banner.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: dfacddb48c29b1e9dcfd45d5da5c15b692e2f45d7cdd2e5ac00cc51ecc06864d

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3792-550d488f12aa2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14226

GET
H/1.1 200
OK pdf_button.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 162ms
160ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/pdf_button.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 5c00a1e325581a6362af319e0bd70d8c02c88c35f6d3d155a9ef16fd66cd7dc3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "50a-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1290

GET
H/1.1 200
OK printButton.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 157ms
156ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/printButton.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 56e1ae52992285272c02903e0b1f1e3f3fc1cda4715e62a1bad3f636d2a59d35

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "510-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1296

GET
H/1.1 200
OK emailButton.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 317ms
160ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/emailButton.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 17da9fa737a8dc84dc780804903c909eceea5fb18ced7e590ef8e8592b585dfc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "503-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1283

GET
H/1.1 200
OK buy-1abimage.gif
thesmokering.com/images/stories/GrillGrate/ 25 KB
26 KB 303ms
155ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/buy-1abimage.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 06ac68cce976de7ac4949b7ddc2cb54db66d00a9e018eb4ad122882a1a92b0c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:29 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "652d-550d489418cc2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 25901

GET
H/1.1 200
OK 20140719_182329.jpg
thesmokering.com/images/stories/GrillGrate/ 2 MB
2 MB 293ms
151ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/20140719_182329.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8c642150e811f0535b30fd5435bde11f2362eb61ac2e4cfb8418fd6cb877221b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:29 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "20aa26-550d489397e42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2140710

GET
H/1.1 200
OK 20140719_182202.jpg
thesmokering.com/images/stories/GrillGrate/ 20 KB
20 KB 293ms
152ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/20140719_182202.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 840a17e11ca08c0b483f556b60e35a322f7ece30749430adf19f0657ddf9594c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "50c9-550d48948b0e1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 20681

GET
H/1.1 200
OK 1391841_10151680732516813_677662328_n.jpg
thesmokering.com/images/stories/2013WorldFoodChampionships/ 42 KB
43 KB 158ms
158ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/2013WorldFoodChampionships/1391841_10151680732516813_677662328_n.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 68a102ca091150fd7fb1ea0c5cbff8d1318796c999a31f11beadcbf5f730ffff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "a910-550d489322b42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 43280

GET
H/1.1 200
OK 1012699_10202455195925081_1449954370_n.jpg
thesmokering.com/images/stories/2013WorldFoodChampionships/ 43 KB
43 KB 165ms
164ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/2013WorldFoodChampionships/1012699_10202455195925081_1449954370_n.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: a48b07401f6f015117a64a8fdffb3d9bc047d65e4a6704bb39e53ebedf892789

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "ab75-550d489322b42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 43893

GET
H/1.1 200
OK smokering.gif
www.thesmokering.com/images/ 6 KB
6 KB 399ms
277ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.thesmokering.com/images/smokering.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 442368871e47a3423eaf02c59622206f5c097e35f22bd6c66b255b2855763542

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "18b8-550d48931ecc2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6328

GET
H/1.1 200
OK header-bar.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 277ms
159ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/header-bar.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0c358e451b20ae9558a97bff19e180d1c4efdc7bbde2863344db37b95b898433

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "540-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1344

GET
H/1.1 200
OK horiz-menu-tab-r.png
thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/ 1 KB
2 KB 262ms
150ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/horiz-menu-tab-r.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: d6b8457a43c1ac2ed656b2a65ee142c6e63db7fb07526efc2a5dd8c0c37e336d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "5d5-550d4895dbf81"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1493

GET
H/1.1 200
OK horiz-menu-tab-l.png
thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/ 1 KB
2 KB 267ms
154ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/horiz-menu-tab-l.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: fe5c86cb0d38a52f8d11e29d40731ba97f883ef241cbfa8bf96eaa3b02dd82cd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "59d-550d4895dbf81"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1437

GET
H/1.1 200
OK horiz-menu-div.png
thesmokering.com/templates/rt_versatility4_j15/images/ 200 B
491 B 260ms
151ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/horiz-menu-div.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 3bf09c4d2fa616dd1e2ec513f2f355b4f4e2ea39246d328bb60921038a0d793e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "c8-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 200

GET
H/1.1 200
OK sidenav-arrow.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 160ms
160ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/sidenav-arrow.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: a9b10b1c6bbe5e5d42e5942e0a4ae7801c915da700977fa4f6d3c10418787c90

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: __gads=ID=0d00063f2b7b83c8-224cd86329c8005a:T=1622143411:RT=1622143411:S=ALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4f5-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1269

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 73ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-9130166455821027&plah=thesmokering.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 19:23:31 GMT

GET
H/1.1 200
OK module-bottom-bg.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 211ms
160ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/module-bottom-bg.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: bf32d6602d2252d6fac88c8e2df30cac23ce51c3c2654e526757163efe8b9b43

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "537-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1335

GET
H/1.1 200
OK module-h3.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 215ms
166ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/module-h3.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 9906fdb0472cf2463c74b23d4c119212576a93f600b091bb55b8165038b85637

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "573-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1395

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame F82B
Redirect Chain

http://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

44 KB
14 KB

224ms
221ms

Document
text/html

2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89bce224b9799a93e7b678c7c9a1e849825d69b1cac1599a3dbfbcc2749c1921

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 7qmO+xaDuugTxVDVnIOJRBxWnZDihLDgeEenAWLmcmmwnudRmn61kb5AhyFqCgcU+msB6XKUnkbYSpLo3+bTKg==
date: Thu, 27 May 2021 19:23:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK jc_blog.gif
thesmokering.com/components/com_jcomments/tpl/default/images/ 90 B
380 B 153ms
152ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/components/com_jcomments/tpl/default/images/jc_blog.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Cookie: __gads=ID=0d00063f2b7b83c8-224cd86329c8005a:T=1622143411:RT=1622143411:S=ALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:46:44 GMT
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "5a-550d488f61c42"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 90

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
645 B 176ms
78ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=thesmokering.com&callback=_gfp_s_&client=ca-pub-9130166455821027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-9130166455821027&plah=thesmokering.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e0f196e188e183b176af22de9883b7f42ea5e849769c7011b3a4596147ea9479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 45ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 19:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 41ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 19:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDFD 57 KB
15 KB 378ms
376ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e9970a38c27672ad592a3b89dca68155ffbd43cf31a3e2a758688a6574b77ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 19:23:31 GMT
server: cafe
content-length: 15349
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 19:38:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 19:23:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:31 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A5B 56 KB
21 KB 367ms
366ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282e2c0d5b8cb71437eebb90dc7b384ec3886bf8f7a6e5e1059b69daf30ecbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 19:23:31 GMT
server: cafe
content-length: 21667
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 19:38:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 19:23:31 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DAE 603 B
248 B 61ms
60ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622141203&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411454&bpp=5&bdt=913&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1VmelG23x2&p=http%3A//thesmokering.com&dtd=161

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622141203&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411454&bpp=5&bdt=913&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1VmelG23x2&p=http%3A//thesmokering.com&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 19:23:31 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 19:38:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 19:23:31 GMT
cache-control: private

GET
H3-29 200 fFR2Q3u6zE3.css
www.facebook.com/rsrc.php/v3/yQ/l/0,cross/ Frame F82B 24 KB
5 KB 35ms
33ms Stylesheet
text/css 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

028b02da0298a02e2e89381e51ff170eaa459a3f5ad14f4a05038ae3944165c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 16:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ckqkXmzl83Y0Lsedgzdtgg==
cross-origin-resource-policy: cross-origin
content-length: 5550
x-fb-rlafr: 0
x-fb-debug: CuHju3SHDi4XOkhSEKHKeQrCS/6EPiK1l/3gCGnWFZBpq025Ic0H6HfYmiDSNbYW0wW3dyzYCndxsb56XqXIWQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 16:08:54 GMT

GET
H3-29 200 5Fsnp3irenq.css
www.facebook.com/rsrc.php/v3/yt/l/0,cross/ Frame F82B 2 KB
868 B 35ms
34ms Stylesheet
text/css 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yt/l/0,cross/5Fsnp3irenq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 16:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: J9gtDCcpBAeYh1TcXJ9kqQ==
cross-origin-resource-policy: cross-origin
content-length: 816
x-fb-rlafr: 0
x-fb-debug: TGaeVsVb6MWCv0fA3yBOzKLMeqLnLtB1xRYFGZywKARqUcVbhVgRKLJjfE2u3t+f5huwpNTsgPD8vESXOxzg+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 16:04:32 GMT

GET
H3-29 200 rRdpQF5MU4a.js Show response
www.facebook.com/rsrc.php/v3/y2/r/ Frame F82B 293 KB
80 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 00:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CVgGlvs5c6fw4bV6J57pWw==
cross-origin-resource-policy: cross-origin
content-length: 81394
x-fb-rlafr: 0
x-fb-debug: 1Z1itLO2ddkRwy00O/esfl0auizc/m1HEoXwJ3WoZA40y1WS9DHvXVYmU1lXtz9Uw5vaNrb8AoogENXF/QU1IA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 00:07:47 GMT

GET
H3-29 200 iALMJVe92ZV.js Show response
www.facebook.com/rsrc.php/v3/yd/r/ Frame F82B 63 KB
19 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yd/r/iALMJVe92ZV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a62852a6318a94ccc9346e48da6906e3fd66ce8d32a042e9fe028666e16f2874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /f2/ujrwni4E9eX78Vgi7g==
cross-origin-resource-policy: cross-origin
content-length: 19638
x-fb-rlafr: 0
x-fb-debug: eNYStZA+8GFrDF74dz/OBL6yl8rYRHdkFMyR21GhlDAC9/q2/Oj4pEiLGjs3FeP9kj43J0SHWSQ4QCD94T1Upg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 09:02:54 GMT

GET
H3-29 200 E_Gl3BdgcOh.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/ Frame F82B 126 KB
35 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/E_Gl3BdgcOh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: igf0WSmG2b+bEy59/WZ4bQ==
cross-origin-resource-policy: cross-origin
content-length: 35958
x-fb-rlafr: 0
x-fb-debug: WTbLH/MuvHUTh+vcj/6pMhan4TaNJ1Gl0YZqoY8ket9fo0NRoLiswgPmkj5/BCQW+BETkMLvVAqgmq9mbTp9qg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 22:08:21 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame F82B 5 KB
2 KB 67ms
65ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: 5lR77XKsBYvLGMm8PWghORRufMLO/rmQbLF9+5TYyi9MN6iFiG7ZXrOMpvztAXvipnrPp4QdCnkJ1rPHm2qqVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 May 2022 12:35:46 GMT

GET
H3-29 200 q3JF3hLjbAD.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame F82B 2 KB
849 B 67ms
66ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/q3JF3hLjbAD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 15:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1ETliEs92UIU/fKzQa5sDA==
cross-origin-resource-policy: cross-origin
content-length: 797
x-fb-rlafr: 0
x-fb-debug: ZHRDl7PYHuBXywFLLSInZoOo+NQGxKoaaz8AHnghIHoeJbK0siUxTX7qJHhM8zZdK6rJ4DPdE92t5HaIfPgfvQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 15:58:34 GMT

GET
H2 200 554556_10150671705754537_574231399_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p133x133/ Frame F82B 7 KB
8 KB 24ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p133x133/554556_10150671705754537_574231399_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=a61e81&_nc_ohc=Mjn0UKpbCM0AX8uM31q&_nc_ht=scontent-frt3-2.xx&tp=6&oh=24b87f1ac4eb5b43d295d8b2a246a542&oe=60D6A80F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 06068c0160add1cf259e7119e9b7c69192913f756a079bc8ea4cf9f36ca02e02

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 971911059
date: Thu, 27 May 2021 19:23:31 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3383469625
x-fb-config-version-olb-prod: 1109
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7453

GET
H2 200 215778_10150180311344537_2993121_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c84.19.238.238a/s50x50/ Frame F82B 2 KB
3 KB 21ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c84.19.238.238a/s50x50/215778_10150180311344537_2993121_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=3BWhTdkHq-IAX8GRHY5&_nc_ht=scontent-frx5-1.xx&tp=28&oh=ad319d472e1cb4273580adec9d2439aa&oe=60D51682
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 62fe962bdb00167596ab51dcee33c75a62d9afaacf275de2a96d86de408d17bf

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3576806282
date: Thu, 27 May 2021 19:23:31 GMT
x-fb-trip-id: 917726464
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 649096312
x-fb-config-version-olb-prod: f505330fc78246408a01bc4714b0d909
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2325

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame F82B 573 B
623 B 33ms
32ms Image
image/png 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: C3FrXqGNMs+vSHk93Sba/lZUcyZF+1Rzpf/UzX56SQmX0ylylQFRe5ztGTGrZy/rjwQTDoKgfcSq+emyFOUycA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Fri, 21 May 2021 00:31:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Sat, 21 May 2022 00:31:35 GMT

GET
H3-29 200 5MGvACNezzf.js Show response
www.facebook.com/rsrc.php/v3/yU/r/ Frame F82B 10 KB
3 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yU/r/5MGvACNezzf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b6dc9c991ab220cd15c5fac9d15755e9025807cc19579bce39d9c8f36bb0ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 16:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w/ZAqGEAKUKExzdr+tp73w==
cross-origin-resource-policy: cross-origin
content-length: 3269
x-fb-rlafr: 0
x-fb-debug: +5zQj7TcXseAkckUPdbQtijjin8MzQ6bNLmhYNFlyjgFskf964Pujxx561IYNGvIRnIstKqTbQj8YzwVZNzQag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 16:06:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DDFD 3 KB
687 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 19:19:01 GMT
server: ESF
date: Thu, 27 May 2021 19:23:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 19:23:31 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DDFD 1 KB
990 B 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:14:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame DDFD 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:21:53 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DDFD 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:22:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDFD 121 KB
37 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DDFD 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:23:02 GMT

GET
H3-29 200 7d9aee27bee51cf015d1b4a8dc2025e1.js Show response
www.gstatic.com/mysidia/ Frame DDFD 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 22:15:01 GMT
server: sffe
age: 29415
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Wed, 25 Aug 2021 11:13:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DDFD 0
0 58ms
49ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLC4Ks_GvYPXUJdnG1fAPifa6qA3s7ZTjYsa4raPjDK_1sNXnGxABIIy3oQJglQKgAYaq1MwDyAEBqAMBqgTJAU_QYG8fKnCbcPbXIfe9dCSHPdp7Axjczgv2IytLaubaPThvdQRoylPNOC-XGa0YrubVi3SEZLXA47SRwFtBbGNQVKZWTcDy51KtK0QUBrBhvBdDJPvL-qPDwC9Pbas5uwOsRlUBz0QieqhuyABgcOtlF_AS-3bIjQJ8HVHI2q9DQEDyfe2Lmk_4CD5Jvx9Gbl-5OomApeo4m2z3InRjKBQDA8ZQrvhoSeRsEwLSP4ouDPM3p9pl9W_dQfFJe7BgLMjtUXxhw_bov8AE7tPjm4MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9fSz2eoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ3rkD0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTkxMzAxNjY0NTU4MjEwMjc&sigh=Ybgt2WiTTQE&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 19:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H3-29 200 3500211320194975216
tpc.googlesyndication.com/simgad/ Frame 6A5B 111 KB
111 KB 38ms
14ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3500211320194975216

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f133d6e7ba32b15cfa55a712ecc52a35e852fc1e3c00177de62c2a9444db69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 06:30:04 GMT
x-content-type-options: nosniff
age: 564808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113492
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:55:28 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 06:30:04 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 6A5B 17 KB
7 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:21:53 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6A5B 2 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:22:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A5B 121 KB
37 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6A5B 13 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:23:02 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6A5B 25 KB
10 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10532
x-xss-protection: 0
server: cafe
etag: 13485069350837860933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:10:38 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A5B 0
0 50ms
47ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL6PQs_GvYOvLJrfI1fAPg6yEyAz2wdLzYpeyzqPFDZaCzYWIFhABIIy3oQJglQKgAbKGrvQCyAEDqAMByAPJBKoEyQFP0DB4ZJxkUDirCJcyx4OcoejvGbpcvd64xiCIrd3mclCLh-4fRAJlReg6wxe_lXyVYTvXRCxeRhPuwKPr74_UTL0OdKQ-nmiPFnbLaSzxcGZgquRgO9ml4LX8cmaqCUnAgMV_pYZNgNyWFoflizskzKM3qfpPBCUmzmIZp1Is56GPJ1fxegR-THIspRM045vrkvAyOWxr5QrFwdj1PQgfQ-TFz7x0zRCc5NH594pr7NNbshkJ1-D85j5j5rqR_C3DeHOuz1q8rufABM6FqIm9A5IFBAgEGAGSBQQIBRgEoAYDgAffyeuPAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCl-g3SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTEzMDE2NjQ1NTgyMTAyNw&sigh=fDG_j91mq_U

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 19:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5687549350919958323/ Frame DDFD 5 KB
5 KB 28ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5687549350919958323/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e067a410cf07da47cb74ab241835ccbd214586be4109cac2596a0c52c3df519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 23:50:57 GMT
x-content-type-options: nosniff
age: 502355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4610
x-xss-protection: 0
last-modified: Tue, 26 Nov 2019 20:31:43 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 23:50:57 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0156 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622141203&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411377&bpp=23&bdt=836&idt=182&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3561075299750&frm=20&pv=2&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ebwcj3tHCy&p=http%3A//thesmokering.com&dtd=215

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 18:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1582
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DDFD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba4e1bca1efbdaaf77ea0e358e466cebeb75a697569cbf432de896379649b55

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 788A 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622141203&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622143411447&bpp=3&bdt=906&idt=158&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=195553685318947&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pZRr1p64oX&p=http%3A//thesmokering.com&dtd=162

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 18:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1582
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6A5B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef7728b1ef7743f3531b7ce791040e648d6013af80d84ac2ad9ddce3be16d001

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DDFD 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 379194
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DDFD 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 551405
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 21 May 2022 10:13:27 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0156
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
41ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 19:23:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 20:23:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 19:23:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 19:23:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 788A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
42ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 19:23:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 20:23:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 19:23:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 19:23:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 47DE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 1119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Fri, 27 May 2022 19:04:53 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 33ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b9fadb91dca542f22964b56f40201a49437a9ab037de5c28ef310eb332dceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 27 May 2021 19:23:32 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 09AD 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 26 May 2021 20:29:24 GMT
expires: Wed, 09 Jun 2021 20:29:24 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 82448
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 19:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8226 0
16 B 30ms
29ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622141203&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622143412523&bpp=2&bdt=1982&idt=2&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0d00063f2b7b83c8-224cd86329c8005a%3AT%3D1622143411%3ART%3D1622143411%3AS%3DALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8ZXkPc5suDNz6LzF6_V5um4cqEQrLBuCAiS58A4ENF8uQuiVS6Yst9h8VubUOpTm1sibuw2RrxVEQ%2CAGkb-H9yV0AJPujp9lChj3XKLGmOCk99fOr0SyWhQPayHOWXoY3SdCquEvIu8bnYH9m0j7cAaNkfZ7GDX1Uy3Q&pvsid=195553685318947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622141203&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622143412523&bpp=2&bdt=1982&idt=2&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0d00063f2b7b83c8-224cd86329c8005a%3AT%3D1622143411%3ART%3D1622143411%3AS%3DALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=3561075299750&frm=20&pv=1&ga_vid=1030543663.1622143412&ga_sid=1622143412&ga_hid=902604042&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8ZXkPc5suDNz6LzF6_V5um4cqEQrLBuCAiS58A4ENF8uQuiVS6Yst9h8VubUOpTm1sibuw2RrxVEQ%2CAGkb-H9yV0AJPujp9lChj3XKLGmOCk99fOr0SyWhQPayHOWXoY3SdCquEvIu8bnYH9m0j7cAaNkfZ7GDX1Uy3Q&pvsid=195553685318947&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 19:23:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 723B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 27 May 2021 19:09:54 GMT
expires: Fri, 27 May 2022 19:09:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 818
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0194 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c733e750b295c26c3dd44a0870be48c8b5993b2eabbcd8d52eaf88d6823fa89e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dYQPk5LVS55WQ7AAQxsuuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

expires: Thu, 27 May 2021 19:23:32 GMT
date: Thu, 27 May 2021 19:23:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dYQPk5LVS55WQ7AAQxsuuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 723B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 1119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Fri, 27 May 2022 19:04:53 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=195553685318947&bg=!lJell9PNAAaMan2LjGo7ACkAdvg8WtUijpo9dRE62pCL0S19BEOaQ32ZABYadPghXxGQN4JgS9j6bQIAAABwUgAAAAxoAQeZAk7BQ3TA3crVvzP8LEsXd_ly7jagSKuZpmCGbh0sW1PZzq9B8g_2FvkO5uJZAw4nC5l7bNDHqULoo7MxlmZwUJ7grCDMA5OWzwRxeWstuJ8Xufx4lKeOfJynLcuSR3FiXPRYyLQNN-9NojCTS98ZbmNqfmiZUbWf8B0PFf2fYz2nlU7gn7Ku5Qs88Wb21P_xKvr27e-U0KQlLLGYHHcYiMegPWawgsERArX8QrZHuP29RaY9aW5PONiZMA-kEVWBhogl-e66ofl3_0kMsvqO_I0vYIT7_ZFsMbLP9QUvR5_HYZHP6JDotZoYIDigwjw9uJ6d_E7333s1aZe7P9RH9qdGR1QwMh42P9TweIx5SU04zTl45_l0jBjzd-o0ZIlU3lX8QXQF7W-iBbVcV4JL_n2An7IDRafHI-yKMa7H9Rxp9k8SBUi78c1eP2KMB_A6lFjBaZ9NLdq0TpA3VIMr78ZQss6lWwAXXW9umN47W2uYgPn1QitEQypNkMBjtUAbKv-u6_bPJHg0Ps4RWlWliDffCgX3NS0vD8Sux7cxOkWTDFgRpArJA2tD9YLqh-Hx326bWGU74Ktp9uaE6MR0-uB7pVB_h6wftprm2BMAZ01Ii4HwCuoWevtn1Gas2n7Fpi5SOcyO9YH3sQTei67usV8wrjkahv25LLqw4ejE231mdiVm74j-djmwXlpZ6L539ouqOfLpgB9H2cARG6ssAkHOzkMwTQjs17jqLrwgbJOUWQQrsC9dzQz92Kc8qdZN2WagOUBBF4I-UPVgtVACtQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 19:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDFD 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT7z-wUBxXMGkGG5cC_m5zSHPbPeAk6E7YRRhRCDKN2IkQdZe1iWbrnxNlIlI9tMURA-7Pk8jPybgcywn_2vYnoq1PCU7ywCxwqVmCuwRTGi_Y-oFVVlPB46WMYQ&sai=AMfl-YQeqkvKcS4BDu84z_VAssxPCWNTKp3c-ZTmdmtQpstlT0XNxzcB3V3Bs0JwhwaMgbfnO6LIrV-4YhHS&sig=Cg0ArKJSzJlq-BhqvqvvEAE&id=lidar2&mcvt=1000&p=282,351,372,1079&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1945336083&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1622143411596&dlt=382&rpt=83&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 19:23:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:35:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:57:19	Name: IDE Value: AHWqTUlxdvTZMeWtbXlvOa6IXToGC_jr2YOgiQCLC_EYro2pmPlsNEZNqeaQwZC2FSY
.thesmokering.com/	1970-01-20 03:57:19	Name: __gads Value: ID=0d00063f2b7b83c8-224cd86329c8005a:T=1622143411:RT=1622143411:S=ALNI_MZo2iRHVkjZJaosmQKTRs9xNiJi2g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
groups.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
thesmokering.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.thesmokering.com
142.250.181.226
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::8b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f132:83:face:b00c:0:25de
69.64.33.70
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
014a5a330356f54c97229892cd15e816d39fda883442930e13f39c7eb247ab91
028b02da0298a02e2e89381e51ff170eaa459a3f5ad14f4a05038ae3944165c2
03d34432f9a8d245c766530864c54eb38da44eddd8dba7d04b8b8642533aab6d
06068c0160add1cf259e7119e9b7c69192913f756a079bc8ea4cf9f36ca02e02
06ac68cce976de7ac4949b7ddc2cb54db66d00a9e018eb4ad122882a1a92b0c3
0a17318dcebcff96868ba5a8e58c6dc8cbc505abfd042190b66b0b116d037cee
0b6dc9c991ab220cd15c5fac9d15755e9025807cc19579bce39d9c8f36bb0ba0
0bebc26684519b54ae335b937fa0a1092b472b2c6824b06a58884f8318b92e40
0c358e451b20ae9558a97bff19e180d1c4efdc7bbde2863344db37b95b898433
0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a
12c49b8251759efdfda0bb5f904b1c3ccf50c48652f00257be09653bf576ca18
17da9fa737a8dc84dc780804903c909eceea5fb18ced7e590ef8e8592b585dfc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e067a410cf07da47cb74ab241835ccbd214586be4109cac2596a0c52c3df519
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
282e2c0d5b8cb71437eebb90dc7b384ec3886bf8f7a6e5e1059b69daf30ecbc5
2e7fd02690c2b3ac12a055a1d86ef18a7d3b2b6c85c5531146f0d230543f9d78
2e9970a38c27672ad592a3b89dca68155ffbd43cf31a3e2a758688a6574b77ec
3ac369148d079f0d001ec6665651810a454c2caab0a512bd5aae4bdc1571aa0b
3bf09c4d2fa616dd1e2ec513f2f355b4f4e2ea39246d328bb60921038a0d793e
442368871e47a3423eaf02c59622206f5c097e35f22bd6c66b255b2855763542
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f
56e1ae52992285272c02903e0b1f1e3f3fc1cda4715e62a1bad3f636d2a59d35
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5c00a1e325581a6362af319e0bd70d8c02c88c35f6d3d155a9ef16fd66cd7dc3
5f133d6e7ba32b15cfa55a712ecc52a35e852fc1e3c00177de62c2a9444db69d
62fe962bdb00167596ab51dcee33c75a62d9afaacf275de2a96d86de408d17bf
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68a102ca091150fd7fb1ea0c5cbff8d1318796c999a31f11beadcbf5f730ffff
68b9fadb91dca542f22964b56f40201a49437a9ab037de5c28ef310eb332dceb
6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78
8277ada3d1ccd0b1f23a28587ba5c3346b4c6afa9d5a7b7d4c04e51c7b6cb086
840a17e11ca08c0b483f556b60e35a322f7ece30749430adf19f0657ddf9594c
89bce224b9799a93e7b678c7c9a1e849825d69b1cac1599a3dbfbcc2749c1921
8c642150e811f0535b30fd5435bde11f2362eb61ac2e4cfb8418fd6cb877221b
8c97cfb05def8a6ee856da0e7e3a9e9da8e431361152a06cfbfe4e270040abba
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
92dfa39c819c8fa384420fd0e0d4f2b5b886dd691b1977cce5bd1cd77e3ae2a6
9906fdb0472cf2463c74b23d4c119212576a93f600b091bb55b8165038b85637
9ba4e1bca1efbdaaf77ea0e358e466cebeb75a697569cbf432de896379649b55
a48b07401f6f015117a64a8fdffb3d9bc047d65e4a6704bb39e53ebedf892789
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62852a6318a94ccc9346e48da6906e3fd66ce8d32a042e9fe028666e16f2874
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
a9b10b1c6bbe5e5d42e5942e0a4ae7801c915da700977fa4f6d3c10418787c90
abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
bf32d6602d2252d6fac88c8e2df30cac23ce51c3c2654e526757163efe8b9b43
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c733e750b295c26c3dd44a0870be48c8b5993b2eabbcd8d52eaf88d6823fa89e
c88189664b52efac0b21fb0b7eca62e131aecc86422278a34936b00e14f87e9e
ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a
d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af
d55c65b246a876f75cce868400d9d8f54880cceaff2ea0aaeec5c2aa2731db05
d6b8457a43c1ac2ed656b2a65ee142c6e63db7fb07526efc2a5dd8c0c37e336d
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
df6fe9bd5ecef4a9ef720db4db9602fb17a092676ab448f7d3ec4b886b04ae7d
dfacddb48c29b1e9dcfd45d5da5c15b692e2f45d7cdd2e5ac00cc51ecc06864d
e0f196e188e183b176af22de9883b7f42ea5e849769c7011b3a4596147ea9479
e2e98876ea28211c939ec8659ebbc2349a8040ab6fe7798b2f1f9b9bf89e9099
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7728b1ef7743f3531b7ce791040e648d6013af80d84ac2ad9ddce3be16d001
f096f07e076d84ac7a0f534eaf028ca2ddd4443647d9da4bad29b5dd0462acc6
f10c42a2b0dc0a3058c6c0b986125c1625ce4de4ad4e1f9e39e811ca971ce187
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3148089ed8727c786141478e43f096a8ff06bce4141ce8aeabe9bfb662e1a4c
fb006755b2d123db10b3930cda8234ec7bb37a1f3540f17eb1638070309b28a4
fe5c86cb0d38a52f8d11e29d40731ba97f883ef241cbfa8bf96eaa3b02dd82cd

thesmokering.com Open in urlscan Pro 69.64.33.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

101 Requests

56 %HTTPS

88 %IPv6

11 Domains

17 Subdomains

17 IPs

4 Countries

3120 kBTransfer

4419 kBSize

3 Cookies

5 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

thesmokering.com Open in urlscan Pro
69.64.33.70 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

56 %
HTTPS

88 %
IPv6

11
Domains

17
Subdomains

17
IPs

4
Countries

3120 kB
Transfer

4419 kB
Size

3
Cookies

101 HTTP transactions
2 data transactions