urlscan.io logo urlscan.io
SecurityTrails logo

wtfdetective.com Open in urlscan Pro
104.21.52.92  Public Scan

Go To Rescan Add Verdict Report
URL: https://wtfdetective.com/category/quotes/
Submission: On November 26 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 65 HTTP transactions. The main IP is 104.21.52.92, located in and belongs to CLOUDFLARENET, US. The main domain is wtfdetective.com. The Cisco Umbrella rank of the primary domain is 653344.
TLS certificate: Issued by E1 on October 28th 2022. Valid for: 3 months.
This is the only time wtfdetective.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 104.21.52.92 13335 (CLOUDFLAR...)
2 142.250.4.97 15169 (GOOGLE)
1 108.178.23.114 32475 (SINGLEHOP...)
8 74.125.130.157 15169 (GOOGLE)
8 172.217.194.154 15169 (GOOGLE)
3 172.217.194.139 15169 (GOOGLE)
2 142.250.4.155 15169 (GOOGLE)
2 142.251.10.155 15169 (GOOGLE)
2 172.253.118.95 15169 (GOOGLE)
3 74.125.24.94 15169 (GOOGLE)
10 142.251.10.132 15169 (GOOGLE)
2 74.125.68.155 15169 (GOOGLE)
1 1 74.125.24.99 ()
65 13
21    104.21.52.92 (None, )

ASN13335 (CLOUDFLARENET, US)
wtfdetective.com
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
1    108.178.23.114 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
free.xjs.lol
8    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
pagead2.googlesyndication.com
8    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
googleads.g.doubleclick.net
partner.googleadservices.com
3    172.217.194.139 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f139.1e100.net
www.google-analytics.com
2    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.co.nz
2    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
adservice.google.com
2    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
3    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
10    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
2    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
www.googletagservices.com
1    74.125.24.99 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
21 wtfdetective.com
wtfdetective.com — Cisco Umbrella Rank: 653344
182 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
392 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
77 KB
3 gstatic.com
www.gstatic.com
16 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
20 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
95 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
2 KB
2 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 141343
957 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
119 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
468 B
1 xjs.lol
free.xjs.lol — Cisco Umbrella Rank: 185533
2 KB
65 12
Domain Requested by
21 wtfdetective.com wtfdetective.com
10 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
8 pagead2.googlesyndication.com wtfdetective.com
pagead2.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
wtfdetective.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.nz pagead2.googlesyndication.com
2 www.googletagmanager.com wtfdetective.com
www.googletagmanager.com
1 www.google.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 free.xjs.lol wtfdetective.com
65 14

This site contains links to these domains. Also see Links.

Domain
wp-puzzle.com
Subject Issuer Validity Valid
*.wtfdetective.com
E1		 2022-10-28 -
2023-01-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
free.xjs.lol
R3		 2022-10-08 -
2023-01-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://wtfdetective.com/category/quotes/
Frame ID: D1B848B33612B1CFCA9B98D6DDEA0E37
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: B4583CD3732842B7852A8579FA147EE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1207246102564772&output=html&adk=1812271804&adf=3025194257&lmt=1669422555&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwtfdetective.com%2Fcategory%2Fquotes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669422554926&bpp=23&bdt=1304&idt=1056&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6397490078869&frm=20&pv=2&ga_vid=1445860807.1669422556&ga_sid=1669422556&ga_hid=1765359041&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070969%2C44777948&oid=2&pvsid=3280837340098501&tmod=503374274&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1077
Frame ID: DA78DB0877B0A2157B4D444F71DE4A63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1499913F4D591263B5471456DCD9FEDC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3417539E9ACB756CF154B02084D43BF4
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 48DE4ECF2F40AF40C56B0E35112EEE4C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 13C62D8506672D4B5E27B92374E3EF82
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 20B7EA712B51DF2F3B53177782DF80B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 1BCAA02636C4C00EB64C66CC38A19212
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quotes & Facts |

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

65
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

907 kB
Transfer

2453 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wtfdetective.com/category/quotes/ 		61 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e5d133558ae298e355688c5afdfa06a59f1b42676fdecd7fd26bbbc9f9ec6c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76fe82289ce8a7ea-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 00:29:13 GMT
dlm-no-waypoints
true
link
<https://wtfdetective.com/wp-json/>; rel="https://api.w.org/", <https://wtfdetective.com/wp-json/wp/v2/categories/86>; rel="alternate"; type="application/json"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkZA4GmzoHv6vMvoj4QQCdazneZY%2B0UMYCOXmTvZfrdBO%2FjSzJr4WbPeuQlW75%2F84EPQBIp%2BMtMsNIa2qTGmV%2B9%2F2c2VNfhf7S%2F6x1IadnHDOW3m6Q3%2F7ZythONWoVBHzB%2BB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
style.min.css
wtfdetective.com/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 16 Nov 2022 02:41:56 GMT
server
cloudflare
etag
W/"63744df4-172a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWziBhUuDdcnTUgJAQbEmY6nw%2BxC%2F87R81aL8LSyzSz4eRYkJGzHWzR02uPkSD5S9bVJkvWxnutNoLma8wK2wTr4azjqHWbil%2FYggtyArEQLS7jJTH0SFMfXcKj5VpXOheDS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76fe82309f42a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
blocks.style.build.css
wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		184 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.64.1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Nov 2022 02:41:17 GMT
server
cloudflare
etag
W/"637ed9cd-b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzMrW%2FwTkVtBVP8Ys6y6rQ0zVnwLVS0ga%2F1RLIVEEQck0hYq5yhrnE0P2LzC7lTVo8g9%2F1WQV0oBz6WrsWRQP%2Bb6EBl4wwOw3UB7g56tH8l23Qdi5BCz%2BQDKoIXGL8ldJDLY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76fe82309f43a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-themes.min.css
wtfdetective.com/wp-includes/css/ 		217 B
469 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Nov 2022 01:51:10 GMT
server
cloudflare
etag
W/"63631e8e-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxRPbhnRITXsJgDGm7%2Fy062%2Fy91TMwVimn%2B%2F1wjX62sqLrYh9155VGRqVj%2Byeebx6QbKZ8cwILAYI5JnE%2Fu8H%2BXCfs7d2E%2BlE3poXQqtZUa08zxePymfxmXUHmkbgoM5ypKr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76fe82309f44a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
wtfdetective.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149070
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 02:13:37 GMT
server
cloudflare
etag
W/"62a2a8d1-48b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x52MxJaQogOQXMrxgw%2B43cY1%2FDUuovXK2VzBvuriDF4d2H1FhnaqdYndZvygYd8RbI0g7IM0CaBQbiuY%2FrdlwHA5kG6Fy6RY%2ByhBWTPVfMZbSGY08HuRuEulgp3UxJ5mYEiV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe8232ac2ba932-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
wtfdetective.com/wp-content/themes/basic/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/themes/basic/style.css?ver=1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 30 Jan 2021 02:53:11 GMT
server
cloudflare
etag
W/"6014ca17-73b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z3JtgBr6hamQDsS%2FEPNbQTtcP28VwPpP4tr0tNg8T7lrrNZ3vokZE4D5PgzHZUc3k0RKRVLRqf0db3LpHsuGp%2BmRqfLNhTJH%2B4iIpK0PU5%2BhF4dkhGQNBFFQgPDHrDBSCV%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76fe8230cf71a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
wtfdetective.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Nov 2022 01:51:11 GMT
server
cloudflare
etag
W/"63631e8f-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvdpAHrk4hzixOGGP0HGL41EkO7C3VPygKzPvYTmA8KqcoGK146ACHu%2BSs1Qe5rTX5qaGzmduzqOfzGtPCVTReJpwUiCiJxTs%2FNJxP5X21aMrqcd6GsL9HR7qLMqd%2FQJajzW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe8230cf74a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
wtfdetective.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvPuvi6zetk6oW6VEnaXmA6%2FMTRZZ2J0F3dtF7tzBrCmi1WA5GjiY6Pcc9tjPfw7O0vjxAlDDF%2FkU3v9i4Ev2oYi%2FS7RNAAcuvKD3GinJZn8E7pNKtx%2BqG6k4IyQpjn%2FirgL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe8230cf78a7ea-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145853476-2
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e6f0ba3d36b737a52b15764584d63893fec00a22413d0de4cb6d2457ea0c9f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44742
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 26 Nov 2022 00:29:15 GMT
pub.min.js
free.xjs.lol/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free.xjs.lol/js/pub.min.js
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains;
last-modified
Fri, 09 Sep 2022 11:46:08 GMT
server
nginx
etag
"631b2780-5ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
1482
expires
Sun, 27 Nov 2022 00:29:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1207246102564772
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
3f9139c4ff6c45ddad41ba0e1413a06d040a4737fddb145cfb21bd4d6e4145f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtfdetective.com/
Origin
https://wtfdetective.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49399
x-xss-protection
0
server
cafe
etag
1738047637353430508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 00:29:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
cb5a72458c19bfac2941fccb25d3889dd5417e9cfe1a560f877b6e9d7b7deb01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49331
x-xss-protection
0
server
cafe
etag
11241991808987709896
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 00:29:14 GMT
Corlys-Velaryon-quotes-from-the-house-of-the-dragon-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Corlys-Velaryon-quotes-from-the-house-of-the-dragon-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23d1de2df9098e17c0cdaf46f57f80ed6ffecdfdc02983445ea70e51c622916
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 05:33:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3125
etag
"2a7c-5e782d6db1500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUGvuzbunVmxqu8O7gPkqU%2BeU2Pf4nXbhFHNJysQ995TKpU997pNgb3Ato4cfHRSJZptxAFY6rZILA91jyjFaxjlZdtMFyVwM%2Bs5ndR5mohfOQfB6SNBX2AH%2FkLgvWKc%2FkoS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe8238dbaca932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10876
ads.js
wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149070
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Nov 2022 02:41:17 GMT
server
cloudflare
etag
W/"637ed9cd-4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoG0dCDDhjOp7pocsbMF7dEOBAxPGbQPkhNwIW9mEM%2BekP3xP%2B2thtkXdchixf5qEqIRexERsidJyBRYqGFM2Jfgfpc8jQjfq8aMLmOkhFgKJx%2FLB7lWuNP3wbi%2FwJBiDth2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe8233ad60a932-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
dlm-xhr.min.js
wtfdetective.com/wp-content/plugins/download-monitor/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.52
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf717713dba0780768b2a30a2a385d681836376aaf1396297714b2e30b76447f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149070
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Nov 2022 02:19:10 GMT
server
cloudflare
etag
W/"637ed49e-1f19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgjtZszfZkvANfW7MdSJhHueygn2sdjj4yCDAzEZO56t6IzGFV9jh2pKBMPyb4ikj6hbWWgPg4PUejRYROOemW0qq9ziBIMB49dQRYOR9ootMXDadZT5%2B4pPm8ZoiFzacFrD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe82349eb0a932-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
functions.js
wtfdetective.com/wp-content/themes/basic/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/themes/basic/js/functions.js?ver=1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149070
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 30 Jan 2021 02:53:11 GMT
server
cloudflare
etag
W/"6014ca17-52b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz1OEtKyQiMGZu36gOF2NmRocjOzCD17N8qrfsRz3uphvPBpb6HDlYk9sMZoS6%2F05KguyJ1zhgngzeJ7RpM5wA75E1PJg55WcaW75y9XhUfx7za3aAzNxn6eYMX90Sn%2F8M6p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe82359fb9a932-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads.js
wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wtfdetective.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.64.1
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:14 GMT
strict-transport-security
max-age=15768000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Nov 2022 02:41:17 GMT
server
cloudflare
etag
W/"637ed9cd-4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCusdorAfnSWn%2Fk7odpZTwO2rKg%2FShDe6OTq2CjYwG3AF%2BNwCzr%2B97mwMBbtPrq35QeXCfpVdolVgJc9O7wlZ6GwOXjCFwIMLbet2XHwBRT3ny%2BGcbkWQTK71D4SrslYtkqN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76fe823688e9a932-SYD
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
fb7162b5f392bb1ce91069a283086a5106c0b6d9758a1800fd68ec0f05d96f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119170
x-xss-protection
0
server
cafe
etag
8622040246715136833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 00:29:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame B458 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtfdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
82191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 01:39:24 GMT
etag
10353107486223812946
expires
Fri, 09 Dec 2022 01:39:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Daemon-Targaryen-quotes-house-of-the-dragon-hotd-scenes-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Daemon-Targaryen-quotes-house-of-the-dragon-hotd-scenes-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb25c7e15db126cee982f28195e5d661ffeda10681e36b5cc6e8ee30ce2a9f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 05:29:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3125
etag
"3bd0-5e782c70f80c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQTbfLJ98V%2FpEChD6yh3WGk9j92%2BxO9ZuwqcY1UwCFrGeTOjNVa2U3rFCGgJVwz1hd%2FWeiEEE1YuvRyK7W2XFN5om%2BVegwEi%2B2bzS%2FpmKzU1SK7rk8FNjmZoDsBPQw3RDlcN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe8238fbe4a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15312
viserys1-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/viserys1-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce99f2dff163c78dcd99c372935458f61c4227b32a0ac3778d047731f2a0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 05:24:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3125
etag
"2ba2-5e782b5e4f8c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8cXLAmFpUpVXS1fFZBUiyPrm%2F5qGuKEblq6Ic%2B6MrXMooLomMCBqTRavT%2BDt4WvOErZtLsbRDKlbCNp2KqHMBUsT5gXVoq7Clc4D0TJyyVJwmdBa4cjEwKyUIJL0kYykXQb"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe8239dcf6a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11170
otto-quotes-hotd-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/otto-quotes-hotd-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e638be0afed17d21e70dfb52056e5b0441443caa298cf80a440f3d2f6563b8bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 05:22:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3124
etag
"218a-5e782aeaea880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgrgGcTVu0eU%2BDn7wB%2BFlwEC7gH2RPNKwHqNgu2d8Jp0fnwLcUeEDRgAlVuTc4krUKwaZGLMU%2BFKu%2BkQ%2BIGaQ0LZRZWjCp4dLmSu6LCbaCih2zLHf5lpHKU8gsyI2IUVeM5c"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823baf9aa932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8586
Top-10-Badass-Rhaenyra-Targaryen-Quotes-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Top-10-Badass-Rhaenyra-Targaryen-Quotes-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
162126f51c1cdf79f44ea9504463a0c18e112c62aec0a5d3c086760bb2e644fa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Mon, 22 Aug 2022 04:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3124
etag
"244e-5e6cd07236e80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0jsUj%2F2FujEKPSECk%2BPgHL1N3ksArIdse6HxkSL9oFDjXhUyIRuILvintf7K9OxpyisPPv5v4gmN40E1%2BBTWHi3lE4eUeWm6%2BiWKRGX7VDWM0eBYFIbpYmBHk%2BM0ITMEk6g"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823baf9ba932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9294
Most-Savage-House-of-the-Dragon-Quotes-and-Sayings-HBO-300x239.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Most-Savage-House-of-the-Dragon-Quotes-and-Sayings-HBO-300x239.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aae31c5a6a210ffb6388c1210ebee5d8e83a0bef223d8194cbe25a111f5329a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Mon, 22 Aug 2022 04:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3124
etag
"1e78-5e6cca3e58c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9iNwrNn7K6JKdbkZfQ5kFGx%2BhD9sKZL74q8ozclnl7AleHbhtoiQDVy8Q2M6SwXnCQMS4DxTlXK9r%2FoT7qhKF8X424t2iVkMeugcy9vzYxTQTW7exkXIakslyUxCbdyZ%2Bz4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823baf9ca932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7800
Top-4-Funny-Anniversary-Jokes-Stories-Clean-267x300.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Top-4-Funny-Anniversary-Jokes-Stories-Clean-267x300.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f853a3103a74e3e692d3c7269dfcad0cf976568b232c51386bd04b85d5b2281f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 04:14:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3124
etag
"29e6-5e6681b25c280"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZKQGijP3tfuE9EkHoTxYOVVyPTCsbI%2FASszhDbagHxcCu3TAiQFQrAMBpRLipOW0XEfWy1228SMS0x2xC0PmmWTTp9wn2AUCRUjFhiK8PhTkwEkYwMyC4hRt0cGsGYQM3zm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823baf9da932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
Top-40-Quotes-From-The-Umbrella-Academy-Season-3-300x169.webp
wtfdetective.com/wp-content/uploads/2022/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/07/Top-40-Quotes-From-The-Umbrella-Academy-Season-3-300x169.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e065228764d7d5c3f9b253404b1ada58d1e7240bda81b1da1b59fedaa032fd9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 03:54:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3123
etag
"2514-5e31aee2af200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oyp5P0rqaT0yemAUK0r9bOwjlnQIzTvBxJL5jpYPcNBSg%2FGsrQQn5nhlSDMSTt86tWWUyfOTXDOXbITd0tHIqQ4USE6nA4L00%2FJ8VLzwzRx8o%2BvzpgotPU8K0IA1NrFLmZYL"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823c98c3a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
Top-15-Naru-Quotes-from-PREY-2022-Movie-267x300.webp
wtfdetective.com/wp-content/uploads/2022/08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtfdetective.com/wp-content/uploads/2022/08/Top-15-Naru-Quotes-from-PREY-2022-Movie-267x300.webp
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54681b57720c94d64dd62e015bda95c297db4b4bba86061b08d546c5225e226
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/category/quotes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:15 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
last-modified
Sat, 06 Aug 2022 03:33:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3124
etag
"4416-5e58a3e7a4000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRMmfCfgh38F5ATpUBXcfUsb7Dn7M9fqFoiC0YhGZAdBV6W2n4fmUWwsRiTVcCqBkf5RAFlXtM18pMByRRiGHX1buYu8izXI8KhgLQM28iB88Dkqg8fMXvNDxzQ1IgGuSk5O"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
76fe823c98c5a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17430
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0BNMDXV37&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145853476-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e8d490d0000378675d0619018a2b675cd337e0046527732a5dd3f372023c6b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76563
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 26 Nov 2022 00:29:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145853476-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 25 Nov 2022 23:53:02 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2174
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 26 Nov 2022 01:53:02 GMT
cookie.js
partner.googleadservices.com/gampad/ 		399 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wtfdetective.com&callback=_gfp_s_&client=ca-pub-1207246102564772&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
0218ff44158511cfc3223e2f4d0c3cb492c064c9012078516b61995ee8176b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=wtfdetective.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wtfdetective.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DA78 		234 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1207246102564772&output=html&adk=1812271804&adf=3025194257&lmt=1669422555&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwtfdetective.com%2Fcategory%2Fquotes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669422554926&bpp=23&bdt=1304&idt=1056&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6397490078869&frm=20&pv=2&ga_vid=1445860807.1669422556&ga_sid=1669422556&ga_hid=1765359041&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070969%2C44777948&oid=2&pvsid=3280837340098501&tmod=503374274&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1077
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e1b18d2ed05911966604c0620f4bac573bd25ffc29ba81bcd622d3c2522b4837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtfdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
65100
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 00:29:17 GMT
expires
Sat, 26 Nov 2022 00:29:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W0BNMDXV37&gtm=2oeb90&_p=1765359041&cid=1445860807.1669422556&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669422556&sct=1&seg=0&dl=https%3A%2F%2Fwtfdetective.com%2Fcategory%2Fquotes%2F&dt=Quotes%20%26%20Facts%20%7C&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W0BNMDXV37&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 00:29:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wtfdetective.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1765359041&t=pageview&_s=1&dl=https%3A%2F%2Fwtfdetective.com%2Fcategory%2Fquotes%2F&ul=en-us&de=UTF-8&dt=Quotes%20%26%20Facts%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=352941080&gjid=1790299427&cid=1445860807.1669422556&tid=UA-145853476-2&_gid=1730757425.1669422557&_r=1&gtm=2oub90&z=912144557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wtfdetective.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 00:29:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wtfdetective.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js?bust=31070969
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
abd96b7d85271a2b6ac28d3b389b1d1c353191893e8f005616ca0f79707e3470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52278
x-xss-protection
0
server
cafe
etag
12687068211181348219
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 00:29:17 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=wtfdetective.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wtfdetective.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 1499 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtfdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
80984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 01:59:34 GMT
etag
10353107486223812946
expires
Fri, 09 Dec 2022 01:59:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 3417 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtfdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
80984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 01:59:34 GMT
etag
10353107486223812946
expires
Fri, 09 Dec 2022 01:59:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1499 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 00:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 00:10:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 00:29:19 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1499 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 06:57:29 GMT
x-content-type-options
nosniff
age
63110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 25 Nov 2023 06:57:29 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1499 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 14:46:39 GMT
x-content-type-options
nosniff
age
207760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Nov 2023 14:46:39 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 1499 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
15695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 20:07:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3417 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cl4T53F2BY4_iGsek9QPttbyQBJKh1fNq6J3jmsQQsJAfEAEg_ZjjPWCr7LGF4BigAfHK2uAoyAECqQLwaOOItfikPqgDAcgDyQSqBN4BT9CPzhWfKvrTxAhpdquBhHAEWiCZCPvMsYRzU6jtjNkbN--ih7WdqmgcZCNID6blnRDc3NgVjiMGJoWckIQLofgTqmgBtweUQ-Vv7ifUfQSKFHNjbqm5eF-WjEdNl0UAbRynRMqd7Nm2MxaBctJ3UNpior9yEdBfopMQd-Cp2bDga8IB8jaxfpYL6n-bI3GePYTyQ8S7h1bb2fdM7n-S1cN5TxIZLnEec6QuahLko9HEbMwT23rDYGUC08lDQ6YhXThjuRuSCxVPAK9wuOplVkUpuCIh27daF4QCxVTIwASkoJjmogSgBgKAB_GCq8ADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQueYO0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTEyMDcyNDYxMDI1NjQ3NzIYAA&sigh=YvQ7EF7DjuU&uach_m=[UACH]&cid=CAQSGwDq26N9raBskGlegGP0cUOQ0fciTAZUZhUVtxgBIBM
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 26 Nov 2022 00:29:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 00:29:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3417 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
29257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:21:42 GMT
15872719563478793578
tpc.googlesyndication.com/simgad/ Frame 3417 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15872719563478793578?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk0aSnjING6l9bxjauAfrjpl24amA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ec158950f8fcf14359e82f86fe7b7b44de90100b45494c5dfbfbd8f8dcec8d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25664
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 23:56:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 Nov 2023 00:29:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3417 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3417 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3417 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 00:29:19 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3417 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
15695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
cafe
etag
7011066814545187240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 20:07:44 GMT
css
fonts.googleapis.com/ Frame 48DE 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 00:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 23:51:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 00:29:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48DE 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
29257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:21:42 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 48DE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
29257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:21:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48DE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
29287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48DE 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 00:29:19 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 48DE 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 21 Feb 2023 16:38:02 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 13C6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 00:19:28 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3417 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad0f4a3ab782a150b3f4935c6e86423e484ab1f5870a00bc5fe601923220c72

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 13C6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 00:29:20 GMT
expires
Sat, 26 Nov 2022 00:29:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 00:29:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 20B7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: wtfdetective.com
URL: https://wtfdetective.com/category/quotes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 02:06:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3417 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviBEsdA01fDoB6s64esLQ13hDRBCP4RCubBCoZVETEB-glMfHFED1AP5THt43ixFOGe0L6g7fcFpOXucYF78qtOIja9hZmME4wIR5L2LhnmNeZoa1iytbEtrtfN89RK2bHGmKQL0jJ7IIZr7llDaDK5slEu__3pmWUZqLOiF8LyvMPgDCEJUzBxFh1YoBNv_mlCqJinGJVTZpOuFAvH338lQZqGi6bnVLLZAJ0RuH53e3kpkuNtDWgAN_z_PyuxhAjAnzz8b01ZkL4kANmCZL1reL-iEUP2IJUQgdBuSvOFT4SQuuGd7NDQ-ptKf3x_WunWOVZsR_Nel6Lvk-ilIEP_Za3dP0qw2cnClDi4tRl_QBoEyBEuH9RWEmvlPqlUHkygEPKwG900qGIFSZjpZ5cPhOWAeKOX3eVrhSzqY-rzlPnIu-UEbfPEujIubDNLnefkofXUVXest0HJLfZu-mcAA5tZGcyo13ozGA33MUmgo52fqEY2RznW_77QKk_A1jP6naD4F_0l7Sed1wTabRwJPbK68mdgnDsjWerYFT7rlLPy-e0ktJzZyTixOHvlOnA1Vl-ToD1dlM4sSZuuSYo31jgg7nkgcPklNAc85RCl8WZLpx71skm6ObdZaTVW3IO3ERIKT2yvIw2obIq6ouJ-QkU9odCXECnSkCK0auFiwDcyAACVnWIWuuxSuPJqhRrU95CzMN34lPk58nNMKApvXHc3AC6L3eeD_QIY98hvMf2_YQu9_6-oZFXwU3bXWx-RBQLaQyHrtQnoQRvBAbhz4fNogeRiwl7eXr-htUJcByYwK2s1MtBOBe4DfLNDD1Com7GPGGtZ62XNALkAiTKxnPMJV4MKolLmVBIX9QD_nckenCMbZqnajU9OB30DFcKtlYu2bek0TpJO-oZb2OSVE1wK1ErtWgy9GLqiQJy2_aBdohND0byRSwZ2IlykfP1ESC_MZY&sai=AMfl-YThnGNBTWhTW0OQ00o4LnBHSXHPNAIfc-b788wzdE3kPVyn1GP-1NSAXGK8xGUigJs9dQX-sm9gPW-giXS7mIJ5v7vBldvSzaFV&sig=Cg0ArKJSzFJceKqhS2STEAE&cid=CAQSGwDq26N9raBskGlegGP0cUOQ0fciTAZUZhUVtxgBIBM&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669422558189&rpt=1575&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 00:29:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js?bust=31070969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://wtfdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12589
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 1BCA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 02:06:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings undefined| $ function| jQuery string| pm_tag string| pm_pid function| gtag object| dataLayer object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_spfd number| google_unique_id object| google_sv_map boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| dlmXHRtranslations object| dlmXHRinstance object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| google_llp number| google_lpabyc object| googletag

8 Cookies

Domain/Path Name / Value
wtfdetective.com/category/quotes Name: quads_browser_width
Value: 1600
.wtfdetective.com/ Name: __gads
Value: ID=f808a7fc9757fe9b-226d6a8da3d800b3:T=1669422556:RT=1669422556:S=ALNI_MZeR-ifcd0m3M_WP-3_AWbVzFQhrg
.wtfdetective.com/ Name: __gpi
Value: UID=00000b8373c16c70:T=1669422556:RT=1669422556:S=ALNI_MbGqs-WZiCogJ7ri76Zru5-e2X1rQ
.wtfdetective.com/ Name: _ga_W0BNMDXV37
Value: GS1.1.1669422556.1.0.1669422556.0.0.0
.wtfdetective.com/ Name: _ga
Value: GA1.2.1445860807.1669422556
.wtfdetective.com/ Name: _gid
Value: GA1.2.1730757425.1669422557
.wtfdetective.com/ Name: _gat_gtag_UA_145853476_2
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnzzwSuquTx4ooo3PaSOedzWDFKfTqEp1ZQuFWB-3NC-tEpnLriscNTZgT-JQY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.nz
adservice.google.com
fonts.googleapis.com
free.xjs.lol
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
wtfdetective.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
104.21.52.92
108.178.23.114
142.250.4.155
142.250.4.97
142.251.10.132
142.251.10.155
172.217.194.139
172.217.194.154
172.253.118.95
74.125.130.157
74.125.24.94
74.125.24.99
74.125.68.155
0218ff44158511cfc3223e2f4d0c3cb492c064c9012078516b61995ee8176b97
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0ad0f4a3ab782a150b3f4935c6e86423e484ab1f5870a00bc5fe601923220c72
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0cb25c7e15db126cee982f28195e5d661ffeda10681e36b5cc6e8ee30ce2a9f7
162126f51c1cdf79f44ea9504463a0c18e112c62aec0a5d3c086760bb2e644fa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
30e5d133558ae298e355688c5afdfa06a59f1b42676fdecd7fd26bbbc9f9ec6c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
3f9139c4ff6c45ddad41ba0e1413a06d040a4737fddb145cfb21bd4d6e4145f0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
9aae31c5a6a210ffb6388c1210ebee5d8e83a0bef223d8194cbe25a111f5329a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a23d1de2df9098e17c0cdaf46f57f80ed6ffecdfdc02983445ea70e51c622916
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abd96b7d85271a2b6ac28d3b389b1d1c353191893e8f005616ca0f79707e3470
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bf717713dba0780768b2a30a2a385d681836376aaf1396297714b2e30b76447f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cb5a72458c19bfac2941fccb25d3889dd5417e9cfe1a560f877b6e9d7b7deb01
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
dce99f2dff163c78dcd99c372935458f61c4227b32a0ac3778d047731f2a0e8a
e065228764d7d5c3f9b253404b1ada58d1e7240bda81b1da1b59fedaa032fd9b
e1b18d2ed05911966604c0620f4bac573bd25ffc29ba81bcd622d3c2522b4837
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54681b57720c94d64dd62e015bda95c297db4b4bba86061b08d546c5225e226
e638be0afed17d21e70dfb52056e5b0441443caa298cf80a440f3d2f6563b8bf
e6f0ba3d36b737a52b15764584d63893fec00a22413d0de4cb6d2457ea0c9f09
e8d490d0000378675d0619018a2b675cd337e0046527732a5dd3f372023c6b4d
ec158950f8fcf14359e82f86fe7b7b44de90100b45494c5dfbfbd8f8dcec8d56
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f853a3103a74e3e692d3c7269dfcad0cf976568b232c51386bd04b85d5b2281f
fb7162b5f392bb1ce91069a283086a5106c0b6d9758a1800fd68ec0f05d96f42