cofonts.com Open in urlscan Pro
63.209.33.213  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://googleads.g.doubleclick.net/pagead/adview?ai=CMd9tR2cMZcXuHuDFxtYPrsiveKmfxdly8qjN8acQy-vwrqM4EAEgisfBeGD9oJmB6AOgAfOKv_0CyAEJqAMByAPLBKoE1QFP0I77C338fPLGnxfNyU5lFD3wjYPFOyb0M-h6FiA2EguV5HLSdaqDKkWQSqkxeYZwZY1Dcs3bssgmaPApO-xVr9s6comJUZX-HYCMXzKE6nxkdPQGIdKO3VdgTJApcpp24Z4H5priRaLeKshGt34wMu3Xwm8KOE_6R_tIWxV8BliiJwYUSWLzhfciWWCY5IR3ohcYo6lBp2Ydz4ELJmSwVcA8x7i9SFyQxmvYKyheq-cT4yTb4J25gsJ6waXMCMzpn8UZNTY681bvS7W3FrQCO3Px2JzABN7bsteeBIgFs53dj0KSBQQIBBgBkgUECAUYBKAGLoAH9fTAggGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIqFnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJrQJodHRwczovL3d3dy5hdGxhc3NpYW4uY29tL3NvZnR3YXJlL2ppcmEvc2VydmljZS1tYW5hZ2VtZW50P3V0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09cGFpZC1kaXNwbGF5JnV0bV9jYW1wYWlnbj1QOmpzbXxPOnBwbXxWOmdkbnxHOmNhfEw6ZW58Rjphd2FyZXxEOmRlc2t0b3B8VDpwcm9zcGVjdGluZyZ1dG1fY29udGVudD1QOmpzbXxPOnBwbXxWOmdkbnxHOmNhfEw6ZW58Rjphd2FyZXxUOnByb3NwZWN0aW5nfEE6cmRhfEQ6ZGVza3RvcHxVOmJyYW5kZWRrZXl3b3Jkc19yZGEtY29yZS10aWNrZXRpbmctdGlja2V0aW5nc3lzdGVtgAoByAsBogwMKgoKCOS0sQLutbEC2gwRCgsQ4IiLu4nuv4j8ARICAQO4E-QD2BMNiBQD0BUBmBYBgBcBshccChoIABIUcHViLTI5Njk4OTQxMDk2MzUxMDYYAA&sigh=B84RbCGvKmI&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWPmxa4BAcZXUwwpS-3i7-WCexrcN-_3W-WFD0nnzTVMoN5pwQh8AE7CHD11JTYDQwFzKwiTbqbyryP7NbZ6NKnd9QHK40GxgB&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa831175cd0c1bbf10000000000000000%22,%222%22:%220xe609a1cfcc86cbb50000000000000000%22,%223%22:%220x5546e660f69918a60000000000000000%22,%224%22:%220xdfbeadfdb9a753000000000000000000%22,%225%22:%220x9f6c648b642799030000000000000000%22},%22debug_key%22:%227808282461304305833%22,%22debug_reporting%22:true,%22destination%22:%22https://atlassian.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800048499%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221343536544300580433%22}&andc=true

Request Chain 96

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&C=1

Request Chain 97

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQxnSVIyLuWAwh.594ifOQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&google_hm=2

Request Chain 98

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEGUi73HSsQAHyBrSdI28nLA&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGUi73HSsQAHyBrSdI28nLA%26google_cver%3D1

Request Chain 99

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NjgyMDY1NjE4NzEyNTY5NQ%3D%3D

Request Chain 103

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

• https://fw.adsafeprotected.com/rfw/st/1138160/72767812/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012106982&ias_pubId=pub-2969894109635106&ias_chanId=1&ias_placementId=20093475778&bidurl=https://cofonts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gJJxvgbuZfwdp08RiRx3Eq&adContainerId=brand_safety_SWcMZfqMNsSgyQPk0rwo&cbFunctionName=goog_wrapCb_SWcMZfqMNsSgyQPk0rwo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcofonts.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcofonts.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230920%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-3-%26adk%3D318159121%26client%3Dca-pub-2969894109635106%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D4%26xpc%3DX6ph8Bkes8%26p%3Dhttps%253A%2F%2Fcofonts.com&adsafe_type=d&adsafe_jsinfo=,id:706307e4-2da4-4b10-ed8f-160d223a5643,c:oPJLYj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-689ccbfc59-qrjcn,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:39,oid:323368c8-5897-11ee-a3de-92b23d4ca758,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SWcMZfqMNsSgyQPk0rwo&cbFunctionName=goog_wrapCb_SWcMZfqMNsSgyQPk0rwo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 148

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1&google_push=AXcoOmR0fM1F2yziMpBmS5WZY1XTG92Chs6uicSwdfrZIU7ucQ4WYf-dvbp8YYxyhKWVFoFJ_7oHfw59L1-_gYXMM0883l26UPbd-imh HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxMDQ1NzY1NzE5MzczOTUzNg==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1

Request Chain 149

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 153

• https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECqH0E9smsZpmtGoBN6EICY&google_cver=1&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDyT7lPPRen_W2kTerryOJh9VqVR3_asLTuw6HiWNsNSkMBkxcIw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDyT7lPPRen_W2kTerryOJh9VqVR3_asLTuw6HiWNsNSkMBkxcIw&google_hm=QlMuNjA4OC03YjVmLTQyOWItODRjMw==

Request Chain 154

• https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF9uC8PNLxZ0d7RFv5FWcbs&google_cver=1&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQVfwWvQumov HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQVfwWvQumov&google_hm=Mjc5MjE5MDYwNDY5NzA5MDQyMQ==

Request Chain 158

• https://googleads.g.doubleclick.net/pagead/adview?ai=CfmA4SWcMZY7pIoKWxtYPtpisoAfr25W6cMaK0sG0D8CNtwEQASCKx8F4YP2gmYHoA6AB6t-71wLIAQmpAkRNXDTa16g-qAMByAPLBKoE4QFP0Jx2qaTDtUw2bjQ7GdH7DM1IW_bBK5VRfZBo9HW1rJDljAnHEIjUKbZkOYYx4OhPwERAJPlIWM4xM3EH2RnK7QKK9oLHrLccU6sLsj2lNLoekRlOYPMht9jevIZ0iePrNxH-QgZMVBDTKXG5-T6NFxf8YYjTCS6ovdjYLalG-LGrVjnvs5J9jXx5Fl_DbOV6qpfJk64LfqyjUI6qVB2wANq1aOeB_gtYnx7DEiAzGvk2nDhRrXfeqToLjLBfaQRVYUaH3pVpRqmIZvFYmqHOAxowAvaSNBFeybFYgDI8XUPABMPDn6a0AogFoNnLgxiSBQQIBBgBkgUECAUYBKAGLoAH_p_EqAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCotxfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJIGh0dHBzOi8vd3d3Lm9mZnRoZWdyb3VuZGluay5jb20vgAoByAsB2gwQCgoQkOXD-dH26ZtSEgIBA7gTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItMjk2OTg5NDEwOTYzNTEwNhgA&sigh=-der6Jqt9HA&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW4O_UgQVILY5hEKTx2289P2xKEgHLMrUqUvAb8DtcElCSDtsFAb0x2Edcx0AslQYgrajM6EkKGAE&template_id=520&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc1ebd6b93f97ec960000000000000000%22,%222%22:%220xc5e4b39228d1ef60000000000000000%22,%223%22:%220x1aef89f0d7f23d90000000000000000%22,%224%22:%220x4baf3cf5f90f60370000000000000000%22,%225%22:%220x88a4537c89d395f50000000000000000%22},%22debug_key%22:%2215984169151547466082%22,%22debug_reporting%22:true,%22destination%22:%22https://offthegroundink.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22720302058%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213368148099440305585%22}&andc=true

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cofonts.com/	75 KB 76 KB	125ms 31ms	Document text/html	63.209.33.213 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.209.33.213 Piscataway, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 63.209.33.213.vultrusercontent.com Software nginx / Resource Hash 46a045d44924450f9bfa51411ea738c8422b46b63a151417465983b8097bd2a0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-type text/html; charset=UTF-8 date Thu, 21 Sep 2023 15:54:47 GMT last-modified Thu, 21 Sep 2023 10:29:42 GMT server nginx vary Accept-Encoding
GET H2	200	style.min.css cdn.cofonts.com/wp-includes/css/dist/block-library/	95 KB 15 KB	128ms 46ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-includes/css/dist/block-library/style.min.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 97517 cdn-edgestorageid 925 cdn-cachedat 09/01/2023 14:53:51 cdn-pullzone 175983 x-bo-server ASB-194 last-modified Fri, 01 Sep 2023 14:53:51 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 19 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid fa06de5209a59c23f60c98eb221ed28c cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	default.css cdn.cofonts.com/wp-content/plugins/tablepress/css/build/	6 KB 3 KB	135ms 53ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/plugins/tablepress/css/build/default.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 45b29aec66af2114223df5787a5ed0f5323f34b943472a51a50d2b933585d8d8 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 6091 cdn-edgestorageid 925 x-bo-processingtime 4 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 x-bo-server ASB-197 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 6 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid b830f86855193aa0b1168af2a0cfde91 cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css cdn.cofonts.com/wp-content/themes/tgen-theme-/	45 KB 12 KB	137ms 55ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/themes/tgen-theme-/style.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 9e2078bc50a2a5d476f0753e21bb293c69da6c9443bb6ebfabae929a6ffdeb3f Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 60751 cdn-edgestorageid 925 x-bo-processingtime 18 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 x-bo-server ASB-192 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 39 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 1d7941d7288eb6e4fd28ab397b168e26 cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	responsive.css cdn.cofonts.com/wp-content/themes/tgen-theme-/css/	11 KB 4 KB	132ms 51ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/themes/tgen-theme-/css/responsive.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 4f7b78e7e135bff79ebc495a68f15d75ce5d6b2eb1afbba89902991102f6b7a0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 15710 cdn-edgestorageid 925 x-bo-processingtime 6 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 x-bo-server ASB-210 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 8 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 9ba4df65322a22493f35495288b6d890 cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	font-awesome.min.css cdn.cofonts.com/wp-content/themes/tgen-theme-/css/	30 KB 8 KB	113ms 32ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/themes/tgen-theme-/css/font-awesome.min.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 30933 cdn-edgestorageid 925 cdn-cachedat 09/13/2023 00:57:06 cdn-pullzone 175983 x-bo-server ASB-192 last-modified Wed, 13 Sep 2023 00:57:06 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 28 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 513c4d68790910d5ccd6b47923f98803 cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css cdn.cofonts.com/wp-content/plugins/colorlib-404-customizer/templates/template_02/css/	3 KB 2 KB	133ms 52ms	Stylesheet text/css	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/plugins/colorlib-404-customizer/templates/template_02/css/style.css Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash b936272752198e3a0a4492e5a782440acee2f8e8a16f555fd56f1f20989f5410 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 3812 cdn-edgestorageid 925 x-bo-processingtime 6 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 x-bo-server ASB-199 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 8 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 737403b8055bc9f3a026fc5657b8163d cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	118ms 46ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=6d8ae5b3da5da42ca0894954bd959fa0 Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 14:36:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:47 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 728 B	119ms 47ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 15:27:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:47 GMT
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 72a208396335fcc225e18f6a615449ee9e0b1f934e3de380436940aca8fbe7bd Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	129ms 55ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e1f4eac60b7e1843ebf8e0c006142f85345248ae918e975f3f19780f62f77303 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50627 x-xss-protection 0 server cafe etag 6275876197371312902 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 21 Sep 2023 15:54:47 GMT
GET H2	200	lazyload.min.js Show response cdn.cofonts.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/	8 KB 4 KB	32ms 32ms	Script application/javascript	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-downloadsize 8291 cdn-edgestorageid 925 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 x-bo-server ASB-205 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding, Accept-Encoding x-bo-origindownloadtime 33 content-type application/javascript cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 cdn-requestid d7260752983873dd71eaffc997b83c5d cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	nobg.png cdn.cofonts.com/wp-content/themes/tgen-theme-/images/	72 B 548 B	42ms 42ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/themes/tgen-theme-/images/nobg.png Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash a401bf42b76acb849a8a0852f293b536d7b0fc6433aa5bf3c74afe1576203878 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 68 cdn-edgestorageid 925 x-bo-processingtime 0 cdn-cachedat 08/24/2023 01:03:03 cdn-pullzone 175983 content-length 72 x-bo-server ASB-196 last-modified Thu, 24 Aug 2023 01:03:03 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 6 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 2225f09d4047d68173491bc0d1e3f5a9 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	111ms 36ms	Font font/woff2	142.251.16.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=6d8ae5b3da5da42ca0894954bd959fa0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f94.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cofonts.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 03:43:58 GMT x-content-type-options nosniff age 216649 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Sep 2024 03:43:58 GMT
GET H2	200	fontawesome-webfont.woff2 cdn.cofonts.com/wp-content/themes/tgen-theme-/fonts/	75 KB 76 KB	112ms 47ms	Font font/woff2	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.cofonts.com/wp-content/themes/tgen-theme-/fonts/fontawesome-webfont.woff2 Requested by Host: cdn.cofonts.com URL: https://cdn.cofonts.com/wp-content/themes/tgen-theme-/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://cdn.cofonts.com/wp-content/themes/tgen-theme-/css/font-awesome.min.css Origin https://cofonts.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT cdn-edgestorageid 925 cdn-cachedat 05/25/2023 23:18:53 cdn-pullzone 175983 content-length 77160 last-modified Mon, 04 Jul 2022 16:07:56 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "62c3105c-12d68" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 0545de0e4dc859f75a402a7e56c2fd80 accept-ranges bytes cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a67aa10652ce7d4f352b7dfd0d430c89025359bb0a99c95be47a6d3123079a3 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 48bb13329d623c6a6c2d6fadd4d731980f629fc649cf4b9c6387c188e5ecca51 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/	379 KB 129 KB	72ms 72ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 21d468c13f52a3b9b421af357711c9d8bb0e695534c67a420fc37f825bea976a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131531 x-xss-protection 0 server cafe etag 17253141359551993202 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 21 Sep 2023 15:54:47 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame 1282	10 KB 5 KB	108ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 62181 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 20 Sep 2023 22:38:26 GMT etag 2603938475786422795 expires Wed, 04 Oct 2023 22:38:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	my-logo.png cdn.cofonts.com/wp-content/uploads/2018/09/	3 KB 3 KB	33ms 32ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2018/09/my-logo.png Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 3b4ef1c519cc469556c72f4f625232dea77d004948a1ff1b9b7d3c8e5fbce664 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 6635 cdn-edgestorageid 925 x-bo-processingtime 0 cdn-cachedat 09/09/2023 12:57:41 cdn-pullzone 175983 content-length 2784 x-bo-server ASB-207 last-modified Sat, 09 Sep 2023 12:57:41 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 22 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 58.04% cdn-requestid 007366bc4ed76ccce89a7ccd9dbbbd47 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	gomawo-font-770x297.webp cdn.cofonts.com/wp-content/uploads/2022/11/	20 KB 20 KB	148ms 146ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2022/11/gomawo-font-770x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 461ae18cfa3c1352b4b6a91560c27fd03e8f517d3011d5d5905a9bab06e013b4 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 21426 cdn-edgestorageid 925 x-bo-processingtime 3 cdn-cachedat 09/21/2023 15:54:47 cdn-pullzone 175983 content-length 20246 x-bo-server ASB-256 last-modified Thu, 21 Sep 2023 15:54:47 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 27 content-type image/webp cdn-cache MISS cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 5.51% cdn-requestid bc41328a9649c792a327129369309f63 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ganama-font-370x297.webp cdn.cofonts.com/wp-content/uploads/2022/11/	7 KB 8 KB	168ms 167ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2022/11/ganama-font-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 9d827b01575e1edef3c1e42db217e0930df6fe66739a5ab77d939a8ca211a9b8 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 8652 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/21/2023 15:54:47 cdn-pullzone 175983 content-length 7520 x-bo-server ASB-196 last-modified Thu, 21 Sep 2023 15:54:47 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 21 content-type image/webp cdn-cache MISS cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 13.08% cdn-requestid 898bad716d7946fa4fbe2b95fd1dbb8b cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Sunday-Suspense-Font-feature-370x297.webp cdn.cofonts.com/wp-content/uploads/2023/08/	4 KB 4 KB	34ms 33ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2023/08/Sunday-Suspense-Font-feature-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 1fe001dd93bd74885c07e3e25ea00ff2d9978f14ecd91ed181ae6af34f5fb334 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 4296 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/20/2023 10:16:16 cdn-pullzone 175983 content-length 3708 x-bo-server ASB-202 last-modified Wed, 20 Sep 2023 10:16:16 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 6 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 13.69% cdn-requestid 59691cf2d9a7be219c0797e15b55efc2 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	netech-font-370x297.webp cdn.cofonts.com/wp-content/uploads/2022/11/	4 KB 5 KB	101ms 100ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2022/11/netech-font-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 40bb89220800a45105673f14801a69ba077d6522b0ecd0059d22da005fe16fb2 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 5018 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/15/2023 20:41:16 cdn-pullzone 175983 content-length 4320 x-bo-server ASB-192 last-modified Fri, 15 Sep 2023 20:41:16 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 22 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 13.91% cdn-requestid 233ce929f162f4135c21309574e5f6e7 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Amichan-Font-feature-370x297.webp cdn.cofonts.com/wp-content/uploads/2023/08/	2 KB 3 KB	36ms 35ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2023/08/Amichan-Font-feature-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 533446d5d3c567579f068804fe04405122ef0913a1b4f2340a9159b6f153a01a Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 2992 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/14/2023 15:14:39 cdn-pullzone 175983 content-length 2426 x-bo-server ASB-197 last-modified Thu, 14 Sep 2023 15:14:39 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 21 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 18.92% cdn-requestid d450778b6f60b1dc1c0f4428aa6d35bd cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Arigatou-Gozaimasu-Font-feature-370x297.webp cdn.cofonts.com/wp-content/uploads/2023/08/	6 KB 6 KB	37ms 36ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2023/08/Arigatou-Gozaimasu-Font-feature-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 6caffd3b2794e1ff50f58f11e89e3d1401f2d3d7ec8d5e20f94b99517e92f2a6 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 6528 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/13/2023 10:20:45 cdn-pullzone 175983 content-length 5986 x-bo-server ASB-208 last-modified Wed, 13 Sep 2023 10:20:45 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 22 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 8.3% cdn-requestid c37a13c9a94bb4b854086606ce76bc0e cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	scrubadoo-font-370x297.webp cdn.cofonts.com/wp-content/uploads/2022/11/	6 KB 7 KB	35ms 34ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2022/11/scrubadoo-font-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 68961f38dd562d4b9e416087b6babdb49e63be9d2fd3ff346678af76787b4f4a Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 7348 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/12/2023 14:38:41 cdn-pullzone 175983 content-length 6480 x-bo-server ASB-203 last-modified Tue, 12 Sep 2023 14:38:41 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 6 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 11.81% cdn-requestid a7f90452b7c8197b7a020183450d3cbf cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Tattoo-Font-feature-370x297.webp cdn.cofonts.com/wp-content/uploads/2023/08/	4 KB 4 KB	37ms 37ms	Image image/webp	37.19.207.34 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cofonts.com/wp-content/uploads/2023/08/Tattoo-Font-feature-370x297.webp Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 37-19-207-34.bunnyinfra.net Software BunnyCDN-ASB1-925 / Resource Hash 77e8ec6b22b73f762465e2054c3c0d1876d97af80e1d3ce75d69341828c0c30b Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT x-downloadsize 4340 cdn-edgestorageid 925 x-bo-processingtime 1 cdn-cachedat 09/11/2023 12:39:43 cdn-pullzone 175983 content-length 3748 x-bo-server ASB-204 last-modified Mon, 11 Sep 2023 12:39:43 GMT server BunnyCDN-ASB1-925 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 27 content-type image/webp cdn-cache HIT cdn-uid b85b1f70-91be-4a3d-aae3-0e6197b0090d cache-control public, max-age=2592000 x-bo-compressionratio 13.64% cdn-requestid bb0461abf22aa51a6149380b257d3d74 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 601 B	116ms 44ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=cofonts.com&callback=_gfp_s_&client=ca-pub-2969894109635106 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 5962cf73a5001a85e0b934a7c7d6cddcc20de2fcce5d6fa0acfb8e3d23a85fb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0D2E	109 KB 38 KB	1046ms 1045ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 7dc51584c6698c8c43e4236f64dec5d19ddcdf89cc980c8c6dee4ed6b5ae7441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 38773 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:48 GMT expires Thu, 21 Sep 2023 15:54:48 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1CB2	496 KB 97 KB	1784ms 1784ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&adk=318159125&adf=2184669829&lmt=1695317382&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fcofonts.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687347&bpp=2&bdt=227&idt=126&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=136 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 790c77435dddde87ff5d5d486800dae97841b2c8be3bce186c6c619858b74db8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 98790 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT expires Thu, 21 Sep 2023 15:54:49 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 0D2E	4 KB 751 B	46ms 45ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 15:44:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:48 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0D2E	2 KB 973 B	116ms 38ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:49:11 GMT content-encoding br x-content-type-options nosniff age 65137 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:49:11 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 0D2E	23 KB 9 KB	114ms 39ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:10 GMT content-encoding br x-content-type-options nosniff age 65198 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:10 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0D2E	3 KB 1 KB	127ms 52ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0D2E	20 KB 8 KB	110ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0D2E	182 KB 57 KB	333ms 257ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:48 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:48 GMT
GET H2	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 0D2E	36 KB 15 KB	109ms 36ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:00:06 GMT content-encoding gzip x-content-type-options nosniff age 78882 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Dec 2023 18:00:06 GMT
GET H2	200	5137674679326688767 tpc.googlesyndication.com/simgad/ Frame 0D2E	21 KB 22 KB	122ms 60ms	Image image/png	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5137674679326688767 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 6d5dfd63ad545559689be96cce7fd7f7d053b26a59b4c485d722ce402f37999c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:48 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21905 x-xss-protection 0 last-modified Mon, 20 Jun 2022 23:13:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 20 Sep 2024 15:54:48 GMT
GET H2	200	8570220616136686132 tpc.googlesyndication.com/simgad/ Frame 0D2E	3 KB 3 KB	115ms 53ms	Image image/png	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8570220616136686132?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash a7f80ca3d6685110cb7f5a291e5c31e6a48bb361c7b6c0e32a8ed9f6384556e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:00:31 GMT x-content-type-options nosniff age 3257 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2728 x-xss-protection 0 last-modified Wed, 13 Jul 2022 15:54:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 20 Sep 2024 15:00:31 GMT
GET DATA	200 OK	truncated / Frame 0D2E	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5ce1faada32033d05f4aa077b94096c35e2feb3ac3db7eaa32335d737f64b31f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 0D2E	16 KB 16 KB	37ms 36ms	Font font/woff2	142.251.16.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f94.1e100.net Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 01:01:01 GMT x-content-type-options nosniff age 226427 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Sep 2024 01:01:01 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 0D2E	15 KB 15 KB	41ms 40ms	Font font/woff2	142.251.16.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f94.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 03:43:58 GMT x-content-type-options nosniff age 216650 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Sep 2024 03:43:58 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 0D2E Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CMd9tR2cMZcXuHuDFxtYPrsiveKmfxdly8qjN8acQy-vwrqM4EAEgisfBeGD9oJmB6AOgAfOKv_0CyAEJqAMByAPLBKoE1QFP0I77C338fPLGnxfNyU5lFD3wjYPFOyb0M-h6FiA2EguV5HL... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa831175cd0c1bbf10000000000000000%22,%222%22:%220xe609a1cfcc86cbb50000000000000000%22,%223%22:%220x5546e6...	0 0	123ms 49ms	Fetch text/css	172.253.62.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa831175cd0c1bbf10000000000000000%22,%222%22:%220xe609a1cfcc86cbb50000000000000000%22,%223%22:%220x5546e660f69918a60000000000000000%22,%224%22:%220xdfbeadfdb9a753000000000000000000%22,%225%22:%220x9f6c648b642799030000000000000000%22},%22debug_key%22:%227808282461304305833%22,%22debug_reporting%22:true,%22destination%22:%22https://atlassian.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800048499%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221343536544300580433%22}&andc=true Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H3 Server 172.253.62.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xa831175cd0c1bbf10000000000000000","2":"0xe609a1cfcc86cbb50000000000000000","3":"0x5546e660f69918a60000000000000000","4":"0xdfbeadfdb9a753000000000000000000","5":"0x9f6c648b642799030000000000000000"},"debug_key":"7808282461304305833","debug_reporting":true,"destination":"https://atlassian.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800048499"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"1343536544300580433"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 21 Sep 2023 15:54:49 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa831175cd0c1bbf10000000000000000","2":"0xe609a1cfcc86cbb50000000000000000","3":"0x5546e660f69918a60000000000000000","4":"0xdfbeadfdb9a753000000000000000000","5":"0x9f6c648b642799030000000000000000"},"debug_key":"7808282461304305833","debug_reporting":true,"destination":"https://atlassian.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800048499"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"1343536544300580433"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame F58B	37 KB 14 KB	36ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2969894109635106&output=html&h=280&slotname=8839754722&adk=3786272713&adf=3563764105&pi=t.ma~as.8839754722&w=1170&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&format=1170x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311687329&bpp=3&bdt=208&idt=118&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=5666459124369&frm=20&pv=2&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yhhTuWQy9M&p=https%3A//cofonts.com&dtd=136 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	123ms 48ms	Preflight text/html	172.253.62.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa831175cd0c1bbf10000000000000000%22,%222%22:%220xe609a1cfcc86cbb50000000000000000%22,%223%22:%220x5546e660f69918a60000000000000000%22,%224%22:%220xdfbeadfdb9a753000000000000000000%22,%225%22:%220x9f6c648b642799030000000000000000%22},%22debug_key%22:%227808282461304305833%22,%22debug_reporting%22:true,%22destination%22:%22https://atlassian.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800048499%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221343536544300580433%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.62.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Thu, 21 Sep 2023 15:54:49 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	122ms 51ms	XHR application/json	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 86cc3c86c559c25b47945502a493aa011925841b6d0d308cc2df163f8a119ef5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12104 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/	154 KB 52 KB	57ms 57ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 216220e2746921d58da2dee173e8277dbf3665d8b54b8338bb5e9b66c5fe05f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53717 x-xss-protection 0 server cafe etag 3214771494225604065 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H2	200	ca-pub-2969894109635106 Show response fundingchoicesmessages.google.com/i/	155 KB 51 KB	158ms 72ms	Script application/javascript	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-2969894109635106?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash d2d4920121b48e2c4676d5cc5d89560a8b8388e061b1a562e8327f3a882b564b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2iUOlgD1erxCHqDB10Ok1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-security-policy script-src 'report-sample' 'nonce-2iUOlgD1erxCHqDB10Ok1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	36ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 21 Sep 2023 15:54:49 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B070	13 KB 5 KB	37ms 35ms	Document text/html	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 142989 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 20 Sep 2023 00:11:40 GMT expires Thu, 19 Sep 2024 00:11:40 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 97E8	829 B 1 KB	129ms 56ms	Document text/html	142.251.16.103 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.103 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f103.1e100.net Software GSE / Resource Hash 9c24b043277512e637635f73b65733fa043962cc51e87daa4fed33436619395d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-q9hiY2ERTOwryZt4g7myAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-q9hiY2ERTOwryZt4g7myAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT expires Thu, 21 Sep 2023 15:54:49 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 463C	145 KB 45 KB	942ms 941ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 7527aeb6c71e891dd319cd750aec7905c32b23f7d8429cfef5b605625063b35c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 45804 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:50 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 6490	10 KB 4 KB	36ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54029 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 00:54:20 GMT etag 2603938475786422795 expires Thu, 05 Oct 2023 00:54:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 7384	10 KB 4 KB	36ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54029 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 00:54:20 GMT etag 2603938475786422795 expires Thu, 05 Oct 2023 00:54:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 4295	10 KB 4 KB	36ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54029 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 00:54:20 GMT etag 2603938475786422795 expires Thu, 05 Oct 2023 00:54:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 1B77	10 KB 4 KB	35ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cofonts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54029 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 00:54:20 GMT etag 2603938475786422795 expires Thu, 05 Oct 2023 00:54:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxXaWiPv6DFt9vQ2AVKWQXnbssD8rYhF73ZqItuNUKPkgT-ppueexdhzZg1R6Rro1D1ES_gMouq1oAxK4r8iKaIG3v1zAdctxb1sZkgB7kh0VXaNnPn-r2QIx0zmdw76jLiQtVs39g== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	72ms 71ms	Script application/javascript	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXaWiPv6DFt9vQ2AVKWQXnbssD8rYhF73ZqItuNUKPkgT-ppueexdhzZg1R6Rro1D1ES_gMouq1oAxK4r8iKaIG3v1zAdctxb1sZkgB7kh0VXaNnPn-r2QIx0zmdw76jLiQtVs39g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzExNjg5LDU5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jb2ZvbnRzLmNvbS8iLG51bGwsW1s4LCJBLWpMSGc2QUJydyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash 9a594114c5962e01db8288582e4a3d4f7dbd6ecb88c91295287dd52861f07443 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-AQXeV1SOeUYC0rIBpURaJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-security-policy script-src 'report-sample' 'nonce-AQXeV1SOeUYC0rIBpURaJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame 6490	4 KB 671 B	46ms 46ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 14:58:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:49 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6490	205 B 519 B	37ms 36ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 12:03:14 GMT x-content-type-options nosniff age 13895 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 20 Sep 2024 12:03:14 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6490	604 B 696 B	37ms 36ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Fri, 15 Sep 2023 05:38:40 GMT x-content-type-options nosniff age 555369 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 14 Sep 2024 05:38:40 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 6490	15 KB 6 KB	36ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 07:06:45 GMT content-encoding br x-content-type-options nosniff age 31684 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6551 x-xss-protection 0 server cafe etag 511223485441000916 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Oct 2023 07:06:45 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 6490	20 KB 8 KB	38ms 37ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 07:06:45 GMT content-encoding br x-content-type-options nosniff age 31684 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8566 x-xss-protection 0 server cafe etag 5625731030761120726 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Oct 2023 07:06:45 GMT
GET H2	200	2ab36c0d951b69d9c04f85f5eb613648.js Show response www.gstatic.com/mysidia/ Frame 7384	9 KB 4 KB	36ms 35ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Fri, 15 Sep 2023 05:27:20 GMT content-encoding gzip x-content-type-options nosniff age 556049 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3933 x-xss-protection 0 last-modified Wed, 06 Sep 2023 19:29:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 14 Dec 2023 05:27:20 GMT
GET H2	200	eb24e5338fb35f0e823aa45ca63cea7d.js Show response www.gstatic.com/mysidia/ Frame 7384	11 KB 5 KB	37ms 37ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Fri, 15 Sep 2023 05:57:53 GMT content-encoding gzip x-content-type-options nosniff age 554216 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4726 x-xss-protection 0 last-modified Tue, 12 Sep 2023 00:15:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 14 Dec 2023 05:57:53 GMT
GET H3	200	css fonts.googleapis.com/ Frame 7384	14 KB 1 KB	48ms 47ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 14:40:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:49 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 7384	2 KB 892 B	38ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:49:11 GMT content-encoding br x-content-type-options nosniff age 65138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:49:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 7384	23 KB 9 KB	43ms 42ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:10 GMT content-encoding br x-content-type-options nosniff age 65199 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:10 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 7384	3 KB 1 KB	38ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 7384	20 KB 8 KB	39ms 37ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7384	182 KB 57 KB	41ms 40ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H2	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 7384	36 KB 15 KB	36ms 35ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:00:06 GMT content-encoding gzip x-content-type-options nosniff age 78883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Dec 2023 18:00:06 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 4295	2 KB 892 B	55ms 55ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:49:11 GMT content-encoding br x-content-type-options nosniff age 65138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:49:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 4295	23 KB 9 KB	56ms 56ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:10 GMT content-encoding br x-content-type-options nosniff age 65199 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:10 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 4295	3 KB 1 KB	55ms 54ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 4295	20 KB 8 KB	37ms 37ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4295	182 KB 57 KB	42ms 41ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H2	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 4295	36 KB 15 KB	37ms 36ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:00:06 GMT content-encoding gzip x-content-type-options nosniff age 78883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Dec 2023 18:00:06 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A8BB	624 B 245 B	52ms 50ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjTxKjxATAB&v=APEucNWxwaevbLS7SxAeul5T68OJTQwKM24DSpVRyeD85RfAZ31-6-ItxOYu0rmHZP8aPJOrQMkdnsIVFK6pHKbHeSvrR6HXBQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT expires Thu, 21 Sep 2023 15:54:49 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1B77	89 KB 31 KB	54ms 53ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31438 x-xss-protection 0 server cafe etag 13183557946744512263 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B77	42 B 63 B	49ms 48ms	Image image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-tkU7srl0smxlrP96nqK3MtIqS6JSOa2cFCXITYRkdJTG3AREimiG0R7hKWl36r_Q9-0YLO5vobw52uVBTPuvZaMFQVzaPdg8XyX0hNcXkspc5f8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B77	0 20 B	48ms 47ms	Image image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7927075023218183692&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 1B77	3 KB 1 KB	53ms 52ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 1B77	20 KB 8 KB	37ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1B77	182 KB 57 KB	47ms 45ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 97E8	0 0	62ms 61ms	Image text/html	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=3813212816509856&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H3	200	tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response pagead2.googlesyndication.com/bg/ Frame B070	37 KB 14 KB	35ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:44:56 GMT content-encoding br x-content-type-options nosniff age 76193 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14772 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:44:56 GMT
GET H3	200	AGSKWxXosInMrjGjk2llUjsKYYM_PCsmswk9ZX2osoGHmuWaj8yDuM_Nb5Z3fYzKqv2niUegltHXeYFigKdjyqU_zzwQvVPIfAAbN9XW3RqZHQ6hiT5UNgEj3UH6_YavoK3HPsJXvKsH7g== Show response fundingchoicesmessages.google.com/f/	13 KB 6 KB	85ms 84ms	Script application/javascript	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXosInMrjGjk2llUjsKYYM_PCsmswk9ZX2osoGHmuWaj8yDuM_Nb5Z3fYzKqv2niUegltHXeYFigKdjyqU_zzwQvVPIfAAbN9XW3RqZHQ6hiT5UNgEj3UH6_YavoK3HPsJXvKsH7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzExNjg5LDY5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vY29mb250cy5jb20vIixudWxsLFtbOCwiQS1qTEhnNkFCcnciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash f9eadfc8b372ba9da48b3ec21c0008b61007c112f288bff638455bf0e562805d Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9YTVk6aOS3Ll3By5M0a8SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9YTVk6aOS3Ll3By5M0a8SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4916	143 B 166 B	35ms 35ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 927 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:39:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame FF3A	14 KB 1 KB	46ms 46ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 15:04:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:49 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FF3A	2 KB 892 B	36ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:49:11 GMT content-encoding br x-content-type-options nosniff age 65138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:49:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame FF3A	23 KB 9 KB	35ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:10 GMT content-encoding br x-content-type-options nosniff age 65199 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:10 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8A82	143 B 166 B	36ms 36ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 927 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:39:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FF3A	3 KB 1 KB	35ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FF3A	20 KB 8 KB	36ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65201 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FF3A	182 KB 57 KB	43ms 43ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:49 GMT
GET H3	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame FF3A	36 KB 15 KB	37ms 36ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:00:06 GMT content-encoding gzip x-content-type-options nosniff age 78883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Dec 2023 18:00:06 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame A8BB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&C=1	43 B 332 B	55ms 55ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjTxKjxATAB&v=APEucNWxwaevbLS7SxAeul5T68OJTQwKM24DSpVRyeD85RfAZ31-6-ItxOYu0rmHZP8aPJOrQMkdnsIVFK6pHKbHeSvrR6HXBQ Protocol H2 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jphy3UR40fYzgtk0meZg1JhY1dD2Z0KciIDT5JmxQ02O2v6JuyBb%2BeuDtnPTyP9F9YrIAioYQ0U5DI1HcgaiHiDAl53ntiUujLIwsXcDIF78R9Sbct9wft8FJVXJUJENolCByfXkB4liew%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80a37d2e4cd436b0-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8BcTIjmY6KcEZErOlq4b6gFXnaF%2FpAvoXr%2BEpBBXeWtTDWkwh3Hkz7gXa00i5ZHN7hhxa4zL0saYmvfyCUsuDxm%2BiEc%2Bda8nftWuvzqcGyUXP15KALb0WoCdKNbe3UvNRcZsBSB23JjVg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&C=1 cache-control no-cache cf-ray 80a37d2ddc0a36b0-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A8BB Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQxnSVIyLuWAwh.594ifOQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&google_hm=2	43 B 768 B	49ms 49ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjTxKjxATAB&v=APEucNWxwaevbLS7SxAeul5T68OJTQwKM24DSpVRyeD85RfAZ31-6-ItxOYu0rmHZP8aPJOrQMkdnsIVFK6pHKbHeSvrR6HXBQ Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g82XL1XMcUSZqbtfTAbgojz3KTKweBo8dvJEssJWldmfxWogRwSz%2FOSRZc87HCylt95I5KYZ%2BJH7zDMI1QjQCTpjTLyhbCl8RWiwf0XQjvc962pZoVLfzh8CVWrfCVXI4AaOwdV9smUGQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80a37d2f0dc239de-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL9D8l1MLO5Ohf14YZwfv8g&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame A8BB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEGUi73HSsQAHyBrSdI28nLA&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGUi73HSsQAHyBrSdI28nLA%26google_cver%3D1	43 B 895 B	53ms 53ms	Image image/gif	68.67.160.114 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGUi73HSsQAHyBrSdI28nLA%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjTxKjxATAB&v=APEucNWxwaevbLS7SxAeul5T68OJTQwKM24DSpVRyeD85RfAZ31-6-ItxOYu0rmHZP8aPJOrQMkdnsIVFK6pHKbHeSvrR6HXBQ Protocol H2 Server 68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT an-x-request-uuid e293615d-7b7c-4826-ae2e-0f2f88834d38 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.19.213.220; 37.19.213.220; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT an-x-request-uuid 7fc6175a-c5d3-4c8c-8666-1fcb311ea07f server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGUi73HSsQAHyBrSdI28nLA%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 37.19.213.220; 37.19.213.220; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A8BB Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NjgyMDY1NjE4NzEyNTY5NQ%3D%3D	170 B 188 B	46ms 46ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NjgyMDY1NjE4NzEyNTY5NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjTxKjxATAB&v=APEucNWxwaevbLS7SxAeul5T68OJTQwKM24DSpVRyeD85RfAZ31-6-ItxOYu0rmHZP8aPJOrQMkdnsIVFK6pHKbHeSvrR6HXBQ Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT an-x-request-uuid fad37897-ee26-4556-8397-18250b9c2d32 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NjgyMDY1NjE4NzEyNTY5NQ%3D%3D x-proxy-origin 37.19.213.220; 37.19.213.220; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B77	0 20 B	47ms 47ms	Ping image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7942103544476&version=m202309120101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B77	0 20 B	47ms 47ms	Ping image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7942103544476&version=m202309120101&ct=76&x=1&cor=7927075023218184000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1B77	106 KB 40 KB	88ms 87ms	Script text/javascript	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3We_ta_vsR2fLkUpP1bISd40wjkcQ8ZhS2xdrXg5OOg1wn-BP7gf8Q8Sckr9t2g1yUXuS4VUUS1VxWEKhVzOSU4AXn73iqP9WkorCKELn626nb3KEt-3HRdln9YK4oZxm0T9LjVVn5XdnKf0n4MsKGb2DVqBe_eGSRV2kcBNHtySCR1U&dbm_d=AKAmf-CzJZ7PMTTOUGS8461ITafYqhxVyQjj22GqpeDGyc4n01Lja80BDpHV74CPTbYMd4VoMNCRUHyP66glmtfjim7JNb7RrBrXS0RlS01exjxBd7_0kq05AnafuUXRTIWzWDMkR-JLhh0CZC3tYyv6Fwopr5KS5mmey8cwHZ1bKMXsx7apDIOVkxXNjJMnwMGW5LRe7my6eUP_rfGf6CkEaxN3mdwTUMf5zhceGUows93my6PGntNqUctirtYUGwRH_Vzbi6CCTpz_39u2Rn2Gw0v7AShxGUbfinA63UJUygq5c_UY_5sqMMQEOCx-7A73QoQpMTzmhBzq8dOjz5-xzL7agK5atn_1vpNZ3glozi1wL6jeXsub23RttdrR0t8Ein6XEyjWg7NYUj9MGnu9N4iB0Qga2htjTkBmx_Kpw7aJJAaaNAdNTULJL8JkT3-TpwsgLFdNSUup-iyl1IqjoX7qmM3FF_noeKOtqbbSYCHh1QFQYXt9rIjjizsSSIZJ5e09OycOBihsqM3S_ClqCR-IYfDrt_Wg8stYO1zS_skW7PI2gWqd6vJoDOWgYbNtXvXSrGzhJWbwFcjcQlD47jQx_iC-daoGSNRAlhPs6tEO--HDb6kyxEASnRDcBJw0V2m1xo7cydVIEYjCCZmpKPfA8-WFyMFkJCnvYMGTRbgayOeSTZxl-ISliIoesFEYc7y_-pUPUKAIC1ltg7MaVslkEvQRtS3LiHCACSTJT4xpiDVBLN_6GNhnODrD1k5w7PuZ6zivzM_Iau2X_5_9ImVdXSg5DDg7XsUVo2zPClwYYzDA-XsHmWpfu7zVXIGsKMKyHnigVtuNYie_wq8Hz9W4GA2VgiEMmmPSmFro3zhUWw3m-cuxoOYVjun1rmyG4N1tNx_fq263sZK53dM2b3Y5mFxd2NaiCQKbmt7UhYEh_ABD2H3CCtPIEdc0bnf3VXgCn6d-IL5EbNDGglhmepUAXOm_iBdd-qSoEr-hGfUMKQ9irHa3wkfizCYrpLIyATG-nZB18vCxVJCqpejgyBUv__xnZ7lMj9RQyeyTjo66-dEpAgrU0gGJyI_wuxBmOPX_oVev-FbZ4NRvJ3mp90duKSCDqZe6FP5YPCqfZ-BGiM-287_t0WBQRH46iSCgqieRzw4B_jrNYBQpItNuwqeK4Grha-1y5UvGDGdHaa7Tp8rVzd9JXwiTt0QmYIO36sxZTBrIQXLNApb8n2lfR6Ub8XTwJQmypcmy0rEogDrBj4rRT6-FU1Rm1pbe4WQSVyrq_INq2MM2CQ9zo38TOPRMDdENZ808KNMmhp0wXcURc-KKLdGUpNlt1aJk5W5KMJtgrri5XolTjUxcTqxfyJ6Em8Ve6RZ5M5jeLjrukY6se7Jo1FuMU6SpDspP2Kuyu37FgrAOUVBssiBKTA0zPQjuEoVLkNvoM7_ngldtmhfwspP5V3r9IxRDHgmC2ezcG89ORdpMS3oWxXNYBlrLMUdn6Ze0GEQjJ_z1y1PTggrAvvsKUSj5gYw_THbwZ_Ck4EbIu72kwE7wOYngvCxvnWKsP9ymf6VRPlhsRTGnUajaAuohnBilv85JfyZoX-cOEmkMOdIuh2n6vnJgA-SN15ifd5UQXGJ-8IN9cqHWxaEYw7BbV_r-IJX6BBhmYr4caCbgxg64YARaxUs2O5t9NTBi8wqPySwY5zs53GSQNOWuAstJaWiCL4uUySYpfUmiPVv5rcU9VTkZ9iDOoqLwVur3I4WLKby8migdxanF0HdlYQMp8A_OU0Nikf2w7-D1OE_-KUqtJnOn51M97u7673-xXVLSjWG0CpwDt4NnuMBfb8wYI9TxXbzAT2ntcgLFzm1BxZ2gMDX7OxN7mAEzDMWNFfZ9LyCrJdboqXN8e_Yni4b5xLjDYGxuJQQ8xxuiuD3PpdLr3wqrHZXnECVX3l-f2qXG1dcbXd3c_TiLzACm7wiNqh2TS0ML2dPsmCkCmQTc-FopWMPCsS0kv_uKoftlJlsHx9G2olh2vtfF16DMMZMtAibggInnv9KTnMughfZJpk230ZunIGShpZI18Ad7ZwkZB4XI0c5NxcsUTQFxle96KX-koUVjyermF7nzKqsL3XKfz_ywK7vIHGLjpRTZvaiZ7IcRn5JallokeyFShEDrxb6FK9q5UXhc_UewpHBCYZ3I_Lc4L_4O_JcBnG3vLHKjHS_y2Pxz0YW9RiWOEVUF3agMpuoDUuTAkbcTKloU1HrMQeLUuK0nGdJsbRXABp7XbKSes8O6wT-hX5Sa-gStPi895zu1vbAxWdxY6Un1pA215vvLiAabw-xcTQ5inU-vML-ueveqmN1YorZVDi5nlLJEIuN0yFA_-IFfPHivFrvWJxi41p6s97r4y2lpvudS2as83BTSDUtX2nPtqeAZwhc09pRB1nDK2gdTTwh6sTNFhCOVbYij_TUjS8EJM9foYWrtQHChbIWQItwXZTy3PxDKHINH3viDl-C2FikXgFEzI7Z31bBO3hTyCwLh_r3PdNy6Ya7cuZf7H1e1WQl0x33lyXqll8zOnvEBGtIhtBH3YlOkIbfj5NyiG6WWPaqG8_pNhcmuU_PCughTgA52YujtHwgt5euJPYhsrwYqUv-FjqRbYxDBFcIRKHhyLDXnEnQ9tgbGNgkUcljGzeg4xukrzsFb5Q1g0VL8dPDYpq_hi38eAuSouCZyxeiXCiyhfPEW92V1nk1TWKH9zCR34yDFlVH4OgLXwR54YdBe6POXWpa7dt54iVBvcyXbFJeIq5UE8UcxAWHP1GRSNdx33b0xBqXSNkQKc-BTvVsLRMSJfTcyZSVsHTE-1GmBanCRVb1oB7ebAlLVNAMBFtxjz3jCxFiGDPwkECeHZLikXn0DixRjy06W4K3L_YxatzqUTM86Bw2LaBBbpn4I3Gy_MKyZ8iQ51as-anRnCxHMavbFN_LYOPqQRZFnGyomdMdKjSuQrT2VpDxd5_YX87dINDIyrAN0shYcg3pG1cdnZjOXzkk_riqabDKShG9XO4ibGLBgOlk5O31lomVK_LPexUGhD7sXeTYqM_xQ4_J4B1OSSlrgurA3bFiLlYjr8XnRycr1vTbni_JPYudVgq2ACmEmwpwKCNvSI2svaqnVLeKJJ-ENwI47LxT8fbFzAKe2Zg6kSqANt9ylyZA1HZP71SHe7jFIDS37VysThAKznHmPCt3sHbeMsix8_X8O6DmuRNrryWi6-977iu7EKW2LEYTRk71QTCMLNmEFeuo-bnOBJoAB_1VixsM36wWnKqVJro4rhv8vKCL1rssArABXsyOvk5lEGBmH_gWEgftaeCLZaSfeq5uV8YhOuGRuJTr_c9mcb7iJjAs1pHm25grMBCBxPsSZUzEsfnRadnzfXojC4d2X-cHNwGrqOKyCmbZQ96ZCiTa-asa6lkYtUWrvqNuyD7NVGK-G4cF5CPHQDFzeUUVr0i7kiK3-ZdCQcKSLUtm9Pg4g45vn18odrAPRxc6cJiosMsUB4JZN_6DfyDEv&cid=CAQSSwBpAlJWo_8HErdyJ9y0aHiwkykDNxnXsX_lZAvW5HGsjE0LIiTZbEATZ-kmp_VrHz800r2svELL7CANZ66z5EXe51L979kzqZagmBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fcofonts.com%2F&ds=l&xdt=1&iif=1&cor=7927075023218184000&adk=188044589&idt=70&cac=0&dtd=21 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash 78eba776e33e0371200df10952a4371527165bada78179b6867867fd9ff6e237 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4916 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	54ms 53ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT expires Thu, 21 Sep 2023 15:54:49 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame FDF0	37 KB 14 KB	35ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame D107	37 KB 14 KB	35ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8A82 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	54ms 50ms	Document text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:50 GMT expires Thu, 21 Sep 2023 15:54:50 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:54:49 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame 78D0	37 KB 14 KB	35ms 34ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1138160/72767812/ Frame 1B77	249 KB 75 KB	116ms 42ms	Script application/javascript	23.23.9.104 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1138160/72767812/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012106982&ias_pubId=pub-2969894109635106&ias_chanId=1&ias_placementId=20093475778&bidurl=https://cofonts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gJJxvgbuZfwdp08RiRx3Eq Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.23.9.104 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-23-9-104.compute-1.amazonaws.com Software / Resource Hash a65746de0375bd71a4aa8d94df4a7ccae35adca5ed35ea5eb10a6536231d3e0c Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 1B77	111 KB 39 KB	111ms 36ms	Script text/javascript	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 05:45:41 GMT content-encoding gzip x-content-type-options nosniff age 36549 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 22 Sep 2023 05:45:41 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 1B77	11 KB 4 KB	45ms 44ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3We_ta_vsR2fLkUpP1bISd40wjkcQ8ZhS2xdrXg5OOg1wn-BP7gf8Q8Sckr9t2g1yUXuS4VUUS1VxWEKhVzOSU4AXn73iqP9WkorCKELn626nb3KEt-3HRdln9YK4oZxm0T9LjVVn5XdnKf0n4MsKGb2DVqBe_eGSRV2kcBNHtySCR1U&dbm_d=AKAmf-CzJZ7PMTTOUGS8461ITafYqhxVyQjj22GqpeDGyc4n01Lja80BDpHV74CPTbYMd4VoMNCRUHyP66glmtfjim7JNb7RrBrXS0RlS01exjxBd7_0kq05AnafuUXRTIWzWDMkR-JLhh0CZC3tYyv6Fwopr5KS5mmey8cwHZ1bKMXsx7apDIOVkxXNjJMnwMGW5LRe7my6eUP_rfGf6CkEaxN3mdwTUMf5zhceGUows93my6PGntNqUctirtYUGwRH_Vzbi6CCTpz_39u2Rn2Gw0v7AShxGUbfinA63UJUygq5c_UY_5sqMMQEOCx-7A73QoQpMTzmhBzq8dOjz5-xzL7agK5atn_1vpNZ3glozi1wL6jeXsub23RttdrR0t8Ein6XEyjWg7NYUj9MGnu9N4iB0Qga2htjTkBmx_Kpw7aJJAaaNAdNTULJL8JkT3-TpwsgLFdNSUup-iyl1IqjoX7qmM3FF_noeKOtqbbSYCHh1QFQYXt9rIjjizsSSIZJ5e09OycOBihsqM3S_ClqCR-IYfDrt_Wg8stYO1zS_skW7PI2gWqd6vJoDOWgYbNtXvXSrGzhJWbwFcjcQlD47jQx_iC-daoGSNRAlhPs6tEO--HDb6kyxEASnRDcBJw0V2m1xo7cydVIEYjCCZmpKPfA8-WFyMFkJCnvYMGTRbgayOeSTZxl-ISliIoesFEYc7y_-pUPUKAIC1ltg7MaVslkEvQRtS3LiHCACSTJT4xpiDVBLN_6GNhnODrD1k5w7PuZ6zivzM_Iau2X_5_9ImVdXSg5DDg7XsUVo2zPClwYYzDA-XsHmWpfu7zVXIGsKMKyHnigVtuNYie_wq8Hz9W4GA2VgiEMmmPSmFro3zhUWw3m-cuxoOYVjun1rmyG4N1tNx_fq263sZK53dM2b3Y5mFxd2NaiCQKbmt7UhYEh_ABD2H3CCtPIEdc0bnf3VXgCn6d-IL5EbNDGglhmepUAXOm_iBdd-qSoEr-hGfUMKQ9irHa3wkfizCYrpLIyATG-nZB18vCxVJCqpejgyBUv__xnZ7lMj9RQyeyTjo66-dEpAgrU0gGJyI_wuxBmOPX_oVev-FbZ4NRvJ3mp90duKSCDqZe6FP5YPCqfZ-BGiM-287_t0WBQRH46iSCgqieRzw4B_jrNYBQpItNuwqeK4Grha-1y5UvGDGdHaa7Tp8rVzd9JXwiTt0QmYIO36sxZTBrIQXLNApb8n2lfR6Ub8XTwJQmypcmy0rEogDrBj4rRT6-FU1Rm1pbe4WQSVyrq_INq2MM2CQ9zo38TOPRMDdENZ808KNMmhp0wXcURc-KKLdGUpNlt1aJk5W5KMJtgrri5XolTjUxcTqxfyJ6Em8Ve6RZ5M5jeLjrukY6se7Jo1FuMU6SpDspP2Kuyu37FgrAOUVBssiBKTA0zPQjuEoVLkNvoM7_ngldtmhfwspP5V3r9IxRDHgmC2ezcG89ORdpMS3oWxXNYBlrLMUdn6Ze0GEQjJ_z1y1PTggrAvvsKUSj5gYw_THbwZ_Ck4EbIu72kwE7wOYngvCxvnWKsP9ymf6VRPlhsRTGnUajaAuohnBilv85JfyZoX-cOEmkMOdIuh2n6vnJgA-SN15ifd5UQXGJ-8IN9cqHWxaEYw7BbV_r-IJX6BBhmYr4caCbgxg64YARaxUs2O5t9NTBi8wqPySwY5zs53GSQNOWuAstJaWiCL4uUySYpfUmiPVv5rcU9VTkZ9iDOoqLwVur3I4WLKby8migdxanF0HdlYQMp8A_OU0Nikf2w7-D1OE_-KUqtJnOn51M97u7673-xXVLSjWG0CpwDt4NnuMBfb8wYI9TxXbzAT2ntcgLFzm1BxZ2gMDX7OxN7mAEzDMWNFfZ9LyCrJdboqXN8e_Yni4b5xLjDYGxuJQQ8xxuiuD3PpdLr3wqrHZXnECVX3l-f2qXG1dcbXd3c_TiLzACm7wiNqh2TS0ML2dPsmCkCmQTc-FopWMPCsS0kv_uKoftlJlsHx9G2olh2vtfF16DMMZMtAibggInnv9KTnMughfZJpk230ZunIGShpZI18Ad7ZwkZB4XI0c5NxcsUTQFxle96KX-koUVjyermF7nzKqsL3XKfz_ywK7vIHGLjpRTZvaiZ7IcRn5JallokeyFShEDrxb6FK9q5UXhc_UewpHBCYZ3I_Lc4L_4O_JcBnG3vLHKjHS_y2Pxz0YW9RiWOEVUF3agMpuoDUuTAkbcTKloU1HrMQeLUuK0nGdJsbRXABp7XbKSes8O6wT-hX5Sa-gStPi895zu1vbAxWdxY6Un1pA215vvLiAabw-xcTQ5inU-vML-ueveqmN1YorZVDi5nlLJEIuN0yFA_-IFfPHivFrvWJxi41p6s97r4y2lpvudS2as83BTSDUtX2nPtqeAZwhc09pRB1nDK2gdTTwh6sTNFhCOVbYij_TUjS8EJM9foYWrtQHChbIWQItwXZTy3PxDKHINH3viDl-C2FikXgFEzI7Z31bBO3hTyCwLh_r3PdNy6Ya7cuZf7H1e1WQl0x33lyXqll8zOnvEBGtIhtBH3YlOkIbfj5NyiG6WWPaqG8_pNhcmuU_PCughTgA52YujtHwgt5euJPYhsrwYqUv-FjqRbYxDBFcIRKHhyLDXnEnQ9tgbGNgkUcljGzeg4xukrzsFb5Q1g0VL8dPDYpq_hi38eAuSouCZyxeiXCiyhfPEW92V1nk1TWKH9zCR34yDFlVH4OgLXwR54YdBe6POXWpa7dt54iVBvcyXbFJeIq5UE8UcxAWHP1GRSNdx33b0xBqXSNkQKc-BTvVsLRMSJfTcyZSVsHTE-1GmBanCRVb1oB7ebAlLVNAMBFtxjz3jCxFiGDPwkECeHZLikXn0DixRjy06W4K3L_YxatzqUTM86Bw2LaBBbpn4I3Gy_MKyZ8iQ51as-anRnCxHMavbFN_LYOPqQRZFnGyomdMdKjSuQrT2VpDxd5_YX87dINDIyrAN0shYcg3pG1cdnZjOXzkk_riqabDKShG9XO4ibGLBgOlk5O31lomVK_LPexUGhD7sXeTYqM_xQ4_J4B1OSSlrgurA3bFiLlYjr8XnRycr1vTbni_JPYudVgq2ACmEmwpwKCNvSI2svaqnVLeKJJ-ENwI47LxT8fbFzAKe2Zg6kSqANt9ylyZA1HZP71SHe7jFIDS37VysThAKznHmPCt3sHbeMsix8_X8O6DmuRNrryWi6-977iu7EKW2LEYTRk71QTCMLNmEFeuo-bnOBJoAB_1VixsM36wWnKqVJro4rhv8vKCL1rssArABXsyOvk5lEGBmH_gWEgftaeCLZaSfeq5uV8YhOuGRuJTr_c9mcb7iJjAs1pHm25grMBCBxPsSZUzEsfnRadnzfXojC4d2X-cHNwGrqOKyCmbZQ96ZCiTa-asa6lkYtUWrvqNuyD7NVGK-G4cF5CPHQDFzeUUVr0i7kiK3-ZdCQcKSLUtm9Pg4g45vn18odrAPRxc6cJiosMsUB4JZN_6DfyDEv&cid=CAQSSwBpAlJWo_8HErdyJ9y0aHiwkykDNxnXsX_lZAvW5HGsjE0LIiTZbEATZ-kmp_VrHz800r2svELL7CANZ66z5EXe51L979kzqZagmBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fcofonts.com%2F&ds=l&xdt=1&iif=1&cor=7927075023218184000&adk=188044589&idt=70&cac=0&dtd=21 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:45 GMT content-encoding br x-content-type-options nosniff age 65164 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 1B77	30 KB 11 KB	41ms 41ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3We_ta_vsR2fLkUpP1bISd40wjkcQ8ZhS2xdrXg5OOg1wn-BP7gf8Q8Sckr9t2g1yUXuS4VUUS1VxWEKhVzOSU4AXn73iqP9WkorCKELn626nb3KEt-3HRdln9YK4oZxm0T9LjVVn5XdnKf0n4MsKGb2DVqBe_eGSRV2kcBNHtySCR1U&dbm_d=AKAmf-CzJZ7PMTTOUGS8461ITafYqhxVyQjj22GqpeDGyc4n01Lja80BDpHV74CPTbYMd4VoMNCRUHyP66glmtfjim7JNb7RrBrXS0RlS01exjxBd7_0kq05AnafuUXRTIWzWDMkR-JLhh0CZC3tYyv6Fwopr5KS5mmey8cwHZ1bKMXsx7apDIOVkxXNjJMnwMGW5LRe7my6eUP_rfGf6CkEaxN3mdwTUMf5zhceGUows93my6PGntNqUctirtYUGwRH_Vzbi6CCTpz_39u2Rn2Gw0v7AShxGUbfinA63UJUygq5c_UY_5sqMMQEOCx-7A73QoQpMTzmhBzq8dOjz5-xzL7agK5atn_1vpNZ3glozi1wL6jeXsub23RttdrR0t8Ein6XEyjWg7NYUj9MGnu9N4iB0Qga2htjTkBmx_Kpw7aJJAaaNAdNTULJL8JkT3-TpwsgLFdNSUup-iyl1IqjoX7qmM3FF_noeKOtqbbSYCHh1QFQYXt9rIjjizsSSIZJ5e09OycOBihsqM3S_ClqCR-IYfDrt_Wg8stYO1zS_skW7PI2gWqd6vJoDOWgYbNtXvXSrGzhJWbwFcjcQlD47jQx_iC-daoGSNRAlhPs6tEO--HDb6kyxEASnRDcBJw0V2m1xo7cydVIEYjCCZmpKPfA8-WFyMFkJCnvYMGTRbgayOeSTZxl-ISliIoesFEYc7y_-pUPUKAIC1ltg7MaVslkEvQRtS3LiHCACSTJT4xpiDVBLN_6GNhnODrD1k5w7PuZ6zivzM_Iau2X_5_9ImVdXSg5DDg7XsUVo2zPClwYYzDA-XsHmWpfu7zVXIGsKMKyHnigVtuNYie_wq8Hz9W4GA2VgiEMmmPSmFro3zhUWw3m-cuxoOYVjun1rmyG4N1tNx_fq263sZK53dM2b3Y5mFxd2NaiCQKbmt7UhYEh_ABD2H3CCtPIEdc0bnf3VXgCn6d-IL5EbNDGglhmepUAXOm_iBdd-qSoEr-hGfUMKQ9irHa3wkfizCYrpLIyATG-nZB18vCxVJCqpejgyBUv__xnZ7lMj9RQyeyTjo66-dEpAgrU0gGJyI_wuxBmOPX_oVev-FbZ4NRvJ3mp90duKSCDqZe6FP5YPCqfZ-BGiM-287_t0WBQRH46iSCgqieRzw4B_jrNYBQpItNuwqeK4Grha-1y5UvGDGdHaa7Tp8rVzd9JXwiTt0QmYIO36sxZTBrIQXLNApb8n2lfR6Ub8XTwJQmypcmy0rEogDrBj4rRT6-FU1Rm1pbe4WQSVyrq_INq2MM2CQ9zo38TOPRMDdENZ808KNMmhp0wXcURc-KKLdGUpNlt1aJk5W5KMJtgrri5XolTjUxcTqxfyJ6Em8Ve6RZ5M5jeLjrukY6se7Jo1FuMU6SpDspP2Kuyu37FgrAOUVBssiBKTA0zPQjuEoVLkNvoM7_ngldtmhfwspP5V3r9IxRDHgmC2ezcG89ORdpMS3oWxXNYBlrLMUdn6Ze0GEQjJ_z1y1PTggrAvvsKUSj5gYw_THbwZ_Ck4EbIu72kwE7wOYngvCxvnWKsP9ymf6VRPlhsRTGnUajaAuohnBilv85JfyZoX-cOEmkMOdIuh2n6vnJgA-SN15ifd5UQXGJ-8IN9cqHWxaEYw7BbV_r-IJX6BBhmYr4caCbgxg64YARaxUs2O5t9NTBi8wqPySwY5zs53GSQNOWuAstJaWiCL4uUySYpfUmiPVv5rcU9VTkZ9iDOoqLwVur3I4WLKby8migdxanF0HdlYQMp8A_OU0Nikf2w7-D1OE_-KUqtJnOn51M97u7673-xXVLSjWG0CpwDt4NnuMBfb8wYI9TxXbzAT2ntcgLFzm1BxZ2gMDX7OxN7mAEzDMWNFfZ9LyCrJdboqXN8e_Yni4b5xLjDYGxuJQQ8xxuiuD3PpdLr3wqrHZXnECVX3l-f2qXG1dcbXd3c_TiLzACm7wiNqh2TS0ML2dPsmCkCmQTc-FopWMPCsS0kv_uKoftlJlsHx9G2olh2vtfF16DMMZMtAibggInnv9KTnMughfZJpk230ZunIGShpZI18Ad7ZwkZB4XI0c5NxcsUTQFxle96KX-koUVjyermF7nzKqsL3XKfz_ywK7vIHGLjpRTZvaiZ7IcRn5JallokeyFShEDrxb6FK9q5UXhc_UewpHBCYZ3I_Lc4L_4O_JcBnG3vLHKjHS_y2Pxz0YW9RiWOEVUF3agMpuoDUuTAkbcTKloU1HrMQeLUuK0nGdJsbRXABp7XbKSes8O6wT-hX5Sa-gStPi895zu1vbAxWdxY6Un1pA215vvLiAabw-xcTQ5inU-vML-ueveqmN1YorZVDi5nlLJEIuN0yFA_-IFfPHivFrvWJxi41p6s97r4y2lpvudS2as83BTSDUtX2nPtqeAZwhc09pRB1nDK2gdTTwh6sTNFhCOVbYij_TUjS8EJM9foYWrtQHChbIWQItwXZTy3PxDKHINH3viDl-C2FikXgFEzI7Z31bBO3hTyCwLh_r3PdNy6Ya7cuZf7H1e1WQl0x33lyXqll8zOnvEBGtIhtBH3YlOkIbfj5NyiG6WWPaqG8_pNhcmuU_PCughTgA52YujtHwgt5euJPYhsrwYqUv-FjqRbYxDBFcIRKHhyLDXnEnQ9tgbGNgkUcljGzeg4xukrzsFb5Q1g0VL8dPDYpq_hi38eAuSouCZyxeiXCiyhfPEW92V1nk1TWKH9zCR34yDFlVH4OgLXwR54YdBe6POXWpa7dt54iVBvcyXbFJeIq5UE8UcxAWHP1GRSNdx33b0xBqXSNkQKc-BTvVsLRMSJfTcyZSVsHTE-1GmBanCRVb1oB7ebAlLVNAMBFtxjz3jCxFiGDPwkECeHZLikXn0DixRjy06W4K3L_YxatzqUTM86Bw2LaBBbpn4I3Gy_MKyZ8iQ51as-anRnCxHMavbFN_LYOPqQRZFnGyomdMdKjSuQrT2VpDxd5_YX87dINDIyrAN0shYcg3pG1cdnZjOXzkk_riqabDKShG9XO4ibGLBgOlk5O31lomVK_LPexUGhD7sXeTYqM_xQ4_J4B1OSSlrgurA3bFiLlYjr8XnRycr1vTbni_JPYudVgq2ACmEmwpwKCNvSI2svaqnVLeKJJ-ENwI47LxT8fbFzAKe2Zg6kSqANt9ylyZA1HZP71SHe7jFIDS37VysThAKznHmPCt3sHbeMsix8_X8O6DmuRNrryWi6-977iu7EKW2LEYTRk71QTCMLNmEFeuo-bnOBJoAB_1VixsM36wWnKqVJro4rhv8vKCL1rssArABXsyOvk5lEGBmH_gWEgftaeCLZaSfeq5uV8YhOuGRuJTr_c9mcb7iJjAs1pHm25grMBCBxPsSZUzEsfnRadnzfXojC4d2X-cHNwGrqOKyCmbZQ96ZCiTa-asa6lkYtUWrvqNuyD7NVGK-G4cF5CPHQDFzeUUVr0i7kiK3-ZdCQcKSLUtm9Pg4g45vn18odrAPRxc6cJiosMsUB4JZN_6DfyDEv&cid=CAQSSwBpAlJWo_8HErdyJ9y0aHiwkykDNxnXsX_lZAvW5HGsjE0LIiTZbEATZ-kmp_VrHz800r2svELL7CANZ66z5EXe51L979kzqZagmBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fcofonts.com%2F&ds=l&xdt=1&iif=1&cor=7927075023218184000&adk=188044589&idt=70&cac=0&dtd=21 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:45 GMT content-encoding br x-content-type-options nosniff age 65164 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11587 x-xss-protection 0 server cafe etag 192838463742493612 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:45 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 1B77	41 KB 13 KB	42ms 41ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sat, 16 Sep 2023 06:48:08 GMT content-encoding br x-content-type-options nosniff age 464801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 15 Sep 2024 06:48:08 GMT
GET DATA	200 OK	truncated / Frame 1B77	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ac04685c799580abb643ca26cfddc3917e6e26a19b2b1bbf757e500bf91ede7a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0D2E	42 B 64 B	52ms 52ms	Fetch image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFw55ahsNs62xMVTeTc89psHdTg5OWAGBNhXtNz0BsO8D78vu_1PybkfrmZ84tHdKtu9vM3ILHXdmnMSZZBQv7Tc7R-Nsk0OetBYLhoUZKRj0E49Ahm8JD743FniM_hv98Q4IIVLBwYHlJS3di8dnC7xhhM-5cUadfs420&sai=AMfl-YQetKEqZ7lWGB5-RlASCMP8zPB4EqbtBnBYF-OF4OkdMKsA3vASbFqcyIyZpSwQZB30eESN9uCh-Sh4SMcLIS1RMQd2OF4D0u85d1OhrRrhtlhtds4C6JFOWI2vjC_nMEr8vryTFcSLZrxt&sig=Cg0ArKJSzJ_81bq4WGa4EAE&cid=CAQSSwBpAlJWPmxa4BAcZXUwwpS-3i7-WCexrcN-_3W-WFD0nnzTVMoN5pwQh8AE7CHD11JTYDQwFzKwiTbqbyryP7NbZ6NKnd9QHK40GxgB&id=lidar2&mcvt=1056&p=0,0,280,1170&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3786272713&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695311687467&rpt=1550&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 081D	22 KB 8 KB	36ms 36ms	Document text/html	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 171390 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 16:18:20 GMT expires Wed, 18 Sep 2024 16:18:20 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B070	0 10 B	35ms 34ms	Image text/plain	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?aXax8w Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/ Frame F315	253 KB 162 KB	109ms 37ms	Document text/html	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash c7c58713042cee21a00ecd06783b6903216badb551c93590ac3da0bb83cb83a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 5147 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 166336 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 14:29:03 GMT expires Fri, 20 Sep 2024 14:29:03 GMT last-modified Thu, 20 Jul 2023 07:20:46 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 1B77	0 0	138ms 64ms	Fetch image/gif	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssi9MscsH4RNoXYkK_Q3n1BnPtIVAw1MJDcMgfhmuPTR8lndMQMtS7Lq-mfrAHJZev2NdRCgz_Xmh47UTwABZRrzPmIAUjvyGFWSMKbWrA5HoIpMRCLu8StVRNqoc6mlFRYXGUoPCmueI4pnIlrMaGjAx3CztfTgb8OtOKojln2ilDvGG2ClvCwAZwiW5NzMC9WJdJKsU0q3jCj5_FJdzkQxrrSYqj2nX_kNY7pvqVp23TGXGkzgCJq_qzSAYbdV9ns__ZVh3piLtN3a1UQx5gugBurNHfPcvv0FhEy09BMEcnNu_yumFkcSfx23RmElLrDPtvJ_-IggZZAsVsw8z6EVbTPW7WnAE4t-Qcv9YFvVsnEXTSrksu2t4fxClPKMmAUspysg-5SiGfYV5IMIny3Qe7NO29yjnYz-c1WrcgwiyR03TkF7JNyRKMOEjxoQYpDKKuLtbo1fmMwMfuzcWHsoz6n2_sEP5Zn3L87jVZWe05B9A84bPRY5lUOhz9jHHP9vXYZ6J06gE5eWApXHJJuZZuYB9s2JZhFIENjfnbiW6TC9tMsXDu3wlM46OQJnJEZdEdD4l06DfA0FOnCIeXYIyxyx-Exc4M2Y0e2CGH8VngctUhOUWcNObRHBfvHHAKHBoIxC6e1kzS7Xn02kD0D_qZjNRIbwMmRdh8KirlYJbJxwgFwj-QXMk2clKdV7XXecCsvKWn4parneOSwwd_4iKTEx7F21tapm34STYDVC3qYvWFvmdvkoXZHmxhFnBpr9NVuE9xUn6d-8U2cMG6gGRXBtZ5r7SJa8R849WbGja_or-0speubMI0lQkpxMG_94o-kT-8plwsoPO7UVnK14XHq-hdHXzrwWKfva1J-b0SZ3kCka4S15gytngwcqVVNunvMHqg1JwHm6nzperdgXQ4QnDDl9gjwjDavk1lQrYBlucXlprxfkG6H2tvWqeI_Sh-Q_uIp1xUds_nLlqWQZWTmT5r2WWz8EMRoFPbL5jD8BIRynvmEAuZ_NAAoJFoQKyD4G-OX8404Gb8WfsOqgIZbAP-KUhmPemX9Dm4ozMYzLvXuztDeXgvYt_w7Axl_yyhSG0ioCdv6C0rK4pOrOgHpeSJaG70ZSIyUMYUW2i1CrxIFek6IVoUzbfTrbWuqK5sQSXJzhoiU0G5hWP5z5k7C4uctVMBBXrWe2qR9b5ImEGqd1LvA8OuATkCeOrMArboihRmANJDFNdwIc7oEJ5cfvy8thhhm5umZi0-70VT8JmOKAUJsPM3xVm2meBllPho_GdUOeCe3umBtkrvNhh1dhnIH14uvcf6k1sIGqmpOUebtgL4jQyS2BxUySONPGio&sai=AMfl-YQ_r_ZIspvov4UZ8_4guUNpwiugCppuQauUx6HtAyon1ak07DsYLcmBh8MQ8nmbupeQ-0auFX6sTaHJeCNP09TPuWdNfYmYaAAlS5rALt_1XixsbM9hWLu3c9Oymn7sDLWRgc1TOBxgw6a8BsGZEidtcR9ivwvNoOtvh5QGhTwC4f13gawmAUeGvGqUo0_-DOxpP0D7lrYJUChgJjDAfTBuVtyICiu3uAkizt46786HDIB_h0aJuS4a0IwGeYPCjkVBEpNuldAsD5TeswiUrBkH9PZ3yynT8G5AlKBKTnmbWOoPbuJ2JfTXFA&sig=Cg0ArKJSzEBJjHJHpoRJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=252&cbvp=1&cstd=248&cisv=r20230920.75281&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 21 Sep 2023 15:54:50 GMT
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame 1B77 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1138160/72767812/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012106982&ias_pubId=pub-2969894109635106&ias_chanId=1&ias_placementId=20093475778&bidurl=ht... https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SWcMZfqMNsSgyQPk0rwo&cbFunctionName=goog_wrapCb_SWcMZfqMNsSgyQPk0rwo&true_pb=https%3A%2F%2Fstatic.adsafeprot...	1 KB 1 KB	77ms 51ms	Script application/javascript	18.165.83.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SWcMZfqMNsSgyQPk0rwo&cbFunctionName=goog_wrapCb_SWcMZfqMNsSgyQPk0rwo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 18.165.83.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-83-107.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id R3AxWwopGHaaV3xj068LUxj.lgAg56jC content-encoding gzip via 1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront) date Fri, 15 Sep 2023 23:00:28 GMT x-amz-cf-pop IAD55-P3 age 492863 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 08 Aug 2023 19:01:30 GMT server AmazonS3 etag W/"33dffa7df253125904b2f354b5bb5e8d" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id XIstC3qc6pYTxY2ukFQL2P0RtYI5Im6UW8rtnM7jYEa2_Sob5la1SA== Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name app38.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_SWcMZfqMNsSgyQPk0rwo&cbFunctionName=goog_wrapCb_SWcMZfqMNsSgyQPk0rwo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 8FB2	91 KB 23 KB	128ms 39ms	Script application/javascript	18.165.83.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.83.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-83-107.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sun, 02 Apr 2023 06:31:15 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P3 age 14894616 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id kxqvLgWvRpuPCROJmvZ7cpThHDQD6_GuTH9N6_KhdVaSXOc-PYQ_-Q==
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 215 B	266ms 88ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJLZd,pingTime:-3,time:94,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:95,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B87~0%5D,as:%5B87~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:39%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name dt24.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 215 B	263ms 88ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJLZf,pingTime:-6,time:96,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:39%7D&tpiLookup=ao:cofonts.com*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name dt26.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 216 B	254ms 87ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJLZp,pingTime:-2,time:106,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:652,beZ:654,mfA:656,cmA:657,inA:658,inZ:664,prA:664,prZ:684,si:691,poA:692,poZ:714,cmZ:714,mfZ:714,loA:747,loZ:750,ltA:758,ltZ:758%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:39,sinceFw:66,readyFired:true%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name dt27.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame 081D	37 KB 14 KB	35ms 34ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 215 B	219ms 89ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJLZZ,time:142,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B134~0%5D,as:%5B134~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:39%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name dt25.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET DATA	200 OK	truncated / Frame F315	71 KB 71 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET DATA	200 OK	truncated / Frame F315	73 KB 73 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 1B77	0 0	55ms 54ms	Fetch image/gif	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssi9MscsH4RNoXYkK_Q3n1BnPtIVAw1MJDcMgfhmuPTR8lndMQMtS7Lq-mfrAHJZev2NdRCgz_Xmh47UTwABZRrzPmIAUjvyGFWSMKbWrA5HoIpMRCLu8StVRNqoc6mlFRYXGUoPCmueI4pnIlrMaGjAx3CztfTgb8OtOKojln2ilDvGG2ClvCwAZwiW5NzMC9WJdJKsU0q3jCj5_FJdzkQxrrSYqj2nX_kNY7pvqVp23TGXGkzgCJq_qzSAYbdV9ns__ZVh3piLtN3a1UQx5gugBurNHfPcvv0FhEy09BMEcnNu_yumFkcSfx23RmElLrDPtvJ_-IggZZAsVsw8z6EVbTPW7WnAE4t-Qcv9YFvVsnEXTSrksu2t4fxClPKMmAUspysg-5SiGfYV5IMIny3Qe7NO29yjnYz-c1WrcgwiyR03TkF7JNyRKMOEjxoQYpDKKuLtbo1fmMwMfuzcWHsoz6n2_sEP5Zn3L87jVZWe05B9A84bPRY5lUOhz9jHHP9vXYZ6J06gE5eWApXHJJuZZuYB9s2JZhFIENjfnbiW6TC9tMsXDu3wlM46OQJnJEZdEdD4l06DfA0FOnCIeXYIyxyx-Exc4M2Y0e2CGH8VngctUhOUWcNObRHBfvHHAKHBoIxC6e1kzS7Xn02kD0D_qZjNRIbwMmRdh8KirlYJbJxwgFwj-QXMk2clKdV7XXecCsvKWn4parneOSwwd_4iKTEx7F21tapm34STYDVC3qYvWFvmdvkoXZHmxhFnBpr9NVuE9xUn6d-8U2cMG6gGRXBtZ5r7SJa8R849WbGja_or-0speubMI0lQkpxMG_94o-kT-8plwsoPO7UVnK14XHq-hdHXzrwWKfva1J-b0SZ3kCka4S15gytngwcqVVNunvMHqg1JwHm6nzperdgXQ4QnDDl9gjwjDavk1lQrYBlucXlprxfkG6H2tvWqeI_Sh-Q_uIp1xUds_nLlqWQZWTmT5r2WWz8EMRoFPbL5jD8BIRynvmEAuZ_NAAoJFoQKyD4G-OX8404Gb8WfsOqgIZbAP-KUhmPemX9Dm4ozMYzLvXuztDeXgvYt_w7Axl_yyhSG0ioCdv6C0rK4pOrOgHpeSJaG70ZSIyUMYUW2i1CrxIFek6IVoUzbfTrbWuqK5sQSXJzhoiU0G5hWP5z5k7C4uctVMBBXrWe2qR9b5ImEGqd1LvA8OuATkCeOrMArboihRmANJDFNdwIc7oEJ5cfvy8thhhm5umZi0-70VT8JmOKAUJsPM3xVm2meBllPho_GdUOeCe3umBtkrvNhh1dhnIH14uvcf6k1sIGqmpOUebtgL4jQyS2BxUySONPGio&sai=AMfl-YQ_r_ZIspvov4UZ8_4guUNpwiugCppuQauUx6HtAyon1ak07DsYLcmBh8MQ8nmbupeQ-0auFX6sTaHJeCNP09TPuWdNfYmYaAAlS5rALt_1XixsbM9hWLu3c9Oymn7sDLWRgc1TOBxgw6a8BsGZEidtcR9ivwvNoOtvh5QGhTwC4f13gawmAUeGvGqUo0_-DOxpP0D7lrYJUChgJjDAfTBuVtyICiu3uAkizt46786HDIB_h0aJuS4a0IwGeYPCjkVBEpNuldAsD5TeswiUrBkH9PZ3yynT8G5AlKBKTnmbWOoPbuJ2JfTXFA&sig=Cg0ArKJSzEBJjHJHpoRJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=467&vt=11&dtpt=215&dett=3&cstd=248&cisv=r20230920.75281&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: cofonts.com URL: https://cofonts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 21 Sep 2023 15:54:50 GMT
GET H3	200	TI-Cisco-SASE-Bundle-Offer.jpeg s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/ Frame F315	16 KB 16 KB	39ms 38ms	Image image/jpeg	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/TI-Cisco-SASE-Bundle-Offer.jpeg? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 24b32d9302498e7d7ea9f4364ec568b6ad80f305556589d77b75b974c43a0e24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 14:29:03 GMT x-content-type-options nosniff age 5147 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16313 x-xss-protection 0 last-modified Thu, 20 Jul 2023 07:20:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 20 Sep 2024 14:29:03 GMT
GET H3	200	LogoLockup_Vert_RGB_Midnight.png s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/ Frame F315	2 KB 2 KB	38ms 37ms	Image image/png	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/LogoLockup_Vert_RGB_Midnight.png? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 035e06f9d9e83cb6d390f17ad42cc0ca1b4f25b3b183a0802860eaf749e502f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 14:29:03 GMT x-content-type-options nosniff age 5147 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1793 x-xss-protection 0 last-modified Thu, 20 Jul 2023 07:20:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 20 Sep 2024 14:29:03 GMT
GET H3	200	css fonts.googleapis.com/ Frame 463C	14 KB 1 KB	47ms 46ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Sep 2023 15:54:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Sep 2023 14:33:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Sep 2023 15:54:50 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 463C	2 KB 892 B	35ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:49:11 GMT content-encoding br x-content-type-options nosniff age 65139 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:49:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 463C	23 KB 9 KB	36ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:10 GMT content-encoding br x-content-type-options nosniff age 65200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:10 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 463C	3 KB 1 KB	35ms 35ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65202 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8E50	1 KB 643 B	36ms 35ms	Document text/html	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 2395 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 21 Sep 2023 15:14:55 GMT etag 48472445140208031 expires Fri, 22 Sep 2023 15:14:55 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 463C	20 KB 8 KB	36ms 36ms	Script text/javascript	172.253.63.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f132.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 21:48:08 GMT content-encoding br x-content-type-options nosniff age 65202 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 04 Oct 2023 21:48:08 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 463C	0 0	54ms 53ms	Image text/html	142.251.16.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkQc-qc79ctX5rWvzy1yK-M0P2tLF0S_ck4o8YA72xJKojbdMzSkX9ptwSxpzilthElZA7es5V5cCoxablV314M2DkyA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.103 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f103.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 463C	182 KB 57 KB	40ms 39ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software sffe / Resource Hash 2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58105 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695209545430561" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 15:54:50 GMT
GET H3	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 463C	36 KB 15 KB	38ms 37ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:00:06 GMT content-encoding gzip x-content-type-options nosniff age 78884 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Dec 2023 18:00:06 GMT
GET H2	400	data=VxJQL7Wxf1yv4vUkJvtFbcpneFG7YoqOG26GHzTJlq-l0uBB4fpvXe5ULKNMlltLoj5SBGg2KPGcgVAXuQF4uw mts0.google.com/vt/ Frame 463C	0 0	123ms 45ms	Image text/html	142.250.31.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://mts0.google.com/vt/data=VxJQL7Wxf1yv4vUkJvtFbcpneFG7YoqOG26GHzTJlq-l0uBB4fpvXe5ULKNMlltLoj5SBGg2KPGcgVAXuQF4uw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.100 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f100.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 463C	297 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 463C	336 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 463C	462 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 463C	465 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	LogoLockup_Vert_RGB_Midnight.png s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/ Frame F315	2 KB 2 KB	36ms 36ms	Image image/png	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/LogoLockup_Vert_RGB_Midnight.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 035e06f9d9e83cb6d390f17ad42cc0ca1b4f25b3b183a0802860eaf749e502f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 14:29:03 GMT x-content-type-options nosniff age 5147 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1793 x-xss-protection 0 last-modified Thu, 20 Jul 2023 07:20:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 20 Sep 2024 14:29:03 GMT
GET H3	200	TI-Cisco-SASE-Bundle-Offer.jpeg s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/ Frame F315	16 KB 16 KB	37ms 36ms	Image image/jpeg	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/TI-Cisco-SASE-Bundle-Offer.jpeg? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software sffe / Resource Hash 24b32d9302498e7d7ea9f4364ec568b6ad80f305556589d77b75b974c43a0e24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2949510021702864591/CA-ENG_XA-09_0_728x90_BAN-A_HTML5%20%20_TOFU-no-Networking-Cisco%20SASEBundleOffer-CIO_0_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 14:29:03 GMT x-content-type-options nosniff age 5147 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16313 x-xss-protection 0 last-modified Thu, 20 Jul 2023 07:20:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 20 Sep 2024 14:29:03 GMT
GET DATA	200 OK	truncated / Frame 463C	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4eb68d732f1ebbbfc9fc4a1b95b2d391829c6217a97c42b67535df6d4e957457 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8E50 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1&google_push=AXcoOmR0fM1F2yziMpBmS5WZY1XTG92Chs6uicSwdfrZIU7ucQ4WYf-dvbp8YYxyhKWVFoFJ_7oHfw59L1-_gYXMM0883l26UPbd-imh https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxMDQ1NzY1NzE5MzczOTUzNg==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1	43 B 407 B	47ms 42ms	Image image/gif	50.116.194.21 TURN-US-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1 Protocol H2 Server 50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US), Reverse DNS presentation-atl1.turn.com Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJiW6Zxb5F-oG3g65PO2lhw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 8E50 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPa... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHA...	43 B 418 B	89ms 89ms	Image image/gif	104.18.25.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 80a37d32f8ec36c8-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 347 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJINasuXau2Gtz9worvKg7Q&google_cver=1&google_push=AXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmReyda7pwK7DICsm9P4-YLt8226UYLdteDSzKut3v3yp326dCaoxGB2EjdG38KA6JpxVlWcmG1DL1VNOI9o3z7itpm8zHAPabsb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 80a37d326fff36c8-YYZ alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 8E50	0 173 B	78ms 40ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPykLu_wq9vH-63lNDT70kA&google_cver=1&google_push=AXcoOmSdKslJ0Z7X_BB6hOUKhLOuCFZivGeBaBEZXnDPpl6ajDLdYnxVnCWrHk6gKee2crjY3eQpRbH8m_w1aOaubTzDuUzulTHFE_4r Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 8E50	43 B 363 B	98ms 33ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSPOMydOQq7KAi0t07jxwNkvXPjben-RzPTefmKozetYm8QCDiJvnujRWJMaAb6b-vdVdIgagWoqEyW_LR1WipwvdTZfNmQXlCI&google_gid=CAESEMyjQX8coW7AW4w7IlAx39A&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:49 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 419847 expires Thu, 21 Sep 2023 00:00:00 GMT
GET		googleredir googlecm.hit.gemius.pl/ Frame 8E50	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8E50 Redirect Chain https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECqH0E9smsZpmtGoBN6EICY&google_cver=1&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDy... https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDyT7lPPRen_W2kTerryOJh9VqVR3_asLTuw6HiWNsNSkMBkxcIw&google_hm=QlMuNjA4OC03...	170 B 188 B	46ms 46ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDyT7lPPRen_W2kTerryOJh9VqVR3_asLTuw6HiWNsNSkMBkxcIw&google_hm=QlMuNjA4OC03YjVmLTQyOWItODRjMw== Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSAhA55qx4WHAORAuJrOvv1JU0MoxAKbkOwYyI9cWUnL-xUXsnDyT7lPPRen_W2kTerryOJh9VqVR3_asLTuw6HiWNsNSkMBkxcIw&google_hm=QlMuNjA4OC03YjVmLTQyOWItODRjMw== Date Thu, 21 Sep 2023 15:54:50 GMT Server openresty Connection close Content-Length 142 Content-Type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8E50 Redirect Chain https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF9uC8PNLxZ0d7RFv5FWcbs&google_cver=1&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQV... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQVfwWvQumov&google_hm=Mjc5MjE...	170 B 188 B	47ms 46ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQVfwWvQumov&google_hm=Mjc5MjE5MDYwNDY5NzA5MDQyMQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRsD_qrx-Cv-5u-iN_V4PDOWwZpaU659VgB6tRHarnTB8sooaVtlHJrv90EJpXR-eFwOVxwWg9ZZvjSBzOIe17fzQVfwWvQumov&google_hm=Mjc5MjE5MDYwNDY5NzA5MDQyMQ== Date Thu, 21 Sep 2023 15:54:50 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 8E50	0 12 B	44ms 44ms	Image text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUR4sh3JIApsaF0zbxKG_nyq47wS9CA_O9UeHw-XLkw2xN_v8-_Q88KdXq0M6j7-kCLiXbRqDP Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 081D	0 20 B	48ms 48ms	Image image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3q_ASWcMZfqMNsSgyQPk0rwoAAAAADgB4AQC&bg=!BAelB0jNAAbbC4-Z-ws7ADQBe5WfOEg2vg_HuKQYmuJ3GYrboyWsJranSgj_aQaQohYk3YSsZkQdKi30oj7v0A2bFhsVAgAAAJdSAAAABmgBBwoASE4vaF0ooGb29zad1UhanjbJYZCwE9nzoz4rGRiP876aYi1EmjgW8Cb5bsECJS2ZKOTpzrnLv-QIOhNEjPlkNN6ggrKvAPmoj5kCx27rvYz9krI7mYF3WQJKIuuhfgQdpqo1yqBKDQAxt2T7TBnSGwH-gvmQ5x8EKFarklTuW9ZrLYp4-8RJVf8GSgLe8AEk3jaNpQgZNYiP6Xt7OF2o2zn-nR7hmbItlft9Dh9ZvVNDCGC2JWbEkcrsprLbrLDtyFjCwmC0Z6S5UvN4zKMblriVdrVeoi2G2QcqECn52-e-09gHaLXf9m63oyL3kIoSHEvApoOQ_BdZtoctmMGIcu65c9ZE8legPMwgWqUIXLz_Mz_xZSk4YLh-lYLRyudVMqmqmniSjfnYnbO1eHxgJdqUEHl7RvjWriamO0vf01PtS-iXRtmTQ1dz2LEakBkBtalzK-UZn6107SZ1bC9b0CSK7XUC8ui2_etDYReQ3nOavOJ77GcRhtkvOysHj-auGdlmeC7SKlUwooORJLKptcqUYg39zRw025O2Reb7AwP1UUBS3nsYAG5hSUt_vAZ4IqHJ6mezcDpzLkOS1s4q3t8QCNGsyE_IonOTEVLl2Iz3Pm0oaOxZM_SuKRk7r1ESrnlT9TjidIPrZuBno_KaWlF5xWPdOBvi2ySBcbq5CKZIOQRXU-pFL-VJyPLwW4nEJFHjifvVtMWmHs_5A6VFrR-L2koagLlgqDOFaltwfZvn6Vm45nL4PUXVDiyOBMhJSJojk6IRK5epdcTSoG31uKZjMGd3GGlvuaELGOOWHjJPWqtD7Kn171N2Hd1g6i2s2fuDiMs5q0izSw-rA0n01aiMb25N7x71lMs78aw8lgfVeN9LbYjyZWVNbG8BiGh2CO5ZZAaHmN3Ddl1HkYceAs66GVaWvwTAnetXbuBgLQmERC28IJddlNMljuTwlsonnc4GxLEK9COVpbNiq9HLZ4ZNpHCQIMmykfP1VrjZjh1dD7YHt70zMkuTIjF2fYXGVMIYAC8TBO3q0F2NLpOBx0Lthg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 463C	33 KB 33 KB	36ms 36ms	Font font/woff2	142.251.16.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f94.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 00:03:34 GMT x-content-type-options nosniff age 229876 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Sep 2024 00:03:34 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 463C Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CfmA4SWcMZY7pIoKWxtYPtpisoAfr25W6cMaK0sG0D8CNtwEQASCKx8F4YP2gmYHoA6AB6t-71wLIAQmpAkRNXDTa16g-qAMByAPLBKoE4QFP0Jx2qaTDtUw2bjQ7GdH7DM1IW_bBK5VRfZB... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc1ebd6b93f97ec960000000000000000%22,%222%22:%220xc5e4b39228d1ef60000000000000000%22,%223%22:%220x1aef89f...	0 0	48ms 48ms	Fetch text/css	172.253.62.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc1ebd6b93f97ec960000000000000000%22,%222%22:%220xc5e4b39228d1ef60000000000000000%22,%223%22:%220x1aef89f0d7f23d90000000000000000%22,%224%22:%220x4baf3cf5f90f60370000000000000000%22,%225%22:%220x88a4537c89d395f50000000000000000%22},%22debug_key%22:%2215984169151547466082%22,%22debug_reporting%22:true,%22destination%22:%22https://offthegroundink.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22720302058%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213368148099440305585%22}&andc=true Protocol H3 Server 172.253.62.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xc1ebd6b93f97ec960000000000000000","2":"0xc5e4b39228d1ef60000000000000000","3":"0x1aef89f0d7f23d90000000000000000","4":"0x4baf3cf5f90f60370000000000000000","5":"0x88a4537c89d395f50000000000000000"},"debug_key":"15984169151547466082","debug_reporting":true,"destination":"https://offthegroundink.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["720302058"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"13368148099440305585"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 21 Sep 2023 15:54:50 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Thu, 21 Sep 2023 15:54:50 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc1ebd6b93f97ec960000000000000000","2":"0xc5e4b39228d1ef60000000000000000","3":"0x1aef89f0d7f23d90000000000000000","4":"0x4baf3cf5f90f60370000000000000000","5":"0x88a4537c89d395f50000000000000000"},"debug_key":"15984169151547466082","debug_reporting":true,"destination":"https://offthegroundink.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["720302058"],"4":["09-21"],"6":["true"]},"priority":"500","source_event_id":"13368148099440305585"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response pagead2.googlesyndication.com/bg/ Frame D22D	37 KB 14 KB	35ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2969894109635106&output=html&h=280&adk=1832109450&adf=282838718&pi=t.aa~a.2686042532~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1695317382&rafmt=1&to=qs&pwprc=4393994986&format=1130x280&url=https%3A%2F%2Fcofonts.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695311689410&bpp=1&bdt=2290&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed8f8d5e4b5a52f%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MaB_GqSlzbXHjVFhN9STn6nEjgJQw&gpic=UID%3D00000d944f20e550%3AT%3D1695311687%3ART%3D1695311687%3AS%3DALNI_MYjwNS7oQzb3pqw_i8AzC2rbxl6VA&prev_fmts=1170x280%2C0x0&nras=2&correlator=5666459124369&frm=20&pv=1&ga_vid=908347758.1695311687&ga_sid=1695311687&ga_hid=988925604&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C42531705%2C44798934&oid=2&psts=AOrYGsktcwrgcUFzO1GcdvlQA1rByPsBLsksUPTB-btYnkQtYgUOPiSXpxQURmedYtoBnuOjQ3QGjDs4jYEpexxifnkyC8sM&pvsid=3813212816509856&tmod=1181357556&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ezSeJ18zl8&p=https%3A//cofonts.com&dtd=118 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software sffe / Resource Hash 85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 18:39:33 GMT content-encoding br x-content-type-options nosniff age 76517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Mon, 18 Sep 2023 15:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Sep 2024 18:39:33 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 215 B	88ms 88ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJM63,pingTime:-10,time:518,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0MjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC41OTM4Ljg4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695311690751%7C%7C95a907aa39c8680e67f06eec71108abf%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7C728347214ebe3504331309f86b261365%7C%7Ccc365725b865eb22df78d40da2c70f2e%7C%7Cddf500b2430eeb14369ea2432b42e49c%7C%7C0bd26596e562e44ee470dbee75abf0b4%7C%7C0bb18282e57b9c594b13577a2819a64c%7C%7C1663701684%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:50 GMT server nginx x-server-name dt29.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	49ms 48ms	Preflight text/html	172.253.62.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc1ebd6b93f97ec960000000000000000%22,%222%22:%220xc5e4b39228d1ef60000000000000000%22,%223%22:%220x1aef89f0d7f23d90000000000000000%22,%224%22:%220x4baf3cf5f90f60370000000000000000%22,%225%22:%220x88a4537c89d395f50000000000000000%22},%22debug_key%22:%2215984169151547466082%22,%22debug_reporting%22:true,%22destination%22:%22https://offthegroundink.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22720302058%22],%224%22:[%2209-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213368148099440305585%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.62.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Thu, 21 Sep 2023 15:54:50 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	50ms 49ms	Image text/html	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=3813212816509856&bg=!JiWlJWrNAAYrDsWMCw47ADQBe5WfOKZmkKBl4LaHYLK9OtoEECdJMeLxJnVJq-dSgpV5DRTKcwmzOssxZl8uxVw3LRBcAgAAAdZSAAAABWgBBwoAMGCw7sn4E55I1jRtV-7TTVppfAo59FdoWYb3VzuX2Om60iDnMPPb3ZZ5VAWa9k1XvpkCqeDSNtEYs-aJz40VPy_PMSD8_swgSU3eySOJ7PuiC90pgQhADizs8NCZBdb9pBWmI1H1nCpUD__m4Pi7-0MkTD87d9gjJHGP9MgIjYW1Y9OM4Rd_DkNkUzvNc4Kj4ievuk6z-6KGOozjmE3MQfvOVSZlyp7qEmQe6XjIQqKghJutDqEycwSU39wkIq8VdkO0z3grtYstccAWFrCNNu7KC72EVqayVVxhz-y31m6q_lwhiyhgIn8siHN__X_52E_wfdzarmQsGoMK0CI-7e90NrQes5qg4CZyS6F0eIxUUjH1YR57c3WM-AtL0tlIBcm1YMd7XksVBczjUpvMZfEqlHDEqBS86EKoDy3qfy0inLX-OnwJ_RHCb1UblGosbleiU_HmJ0AEy4tpg36kH5vnIFLLPEV9TPoVjzOXvDSOWx-oOz_pZobu64vAc1HW2sER7bxIwMPDmD2Tq1-USW-5L86sUcJAVdNYQtqvJBf0RE6iG1rsxFGYDKBWuSjeEVHMmJ5LI-beo9fR7AShUWD7fwNOP2fWAG4pzK4hFj8GUH9XiDIC7jMWdRUKDXLgeCX9ZDV1A-mHrzYPhCGoaZ4IeQ1TVc-1fC2PVRiMWs0VutXUMpjQYGDs1nMsnPZp44-_OE1Ndhs8xw7ghLyV3gLG-gvqYWBMcJFW6d4wq9Z6Wir4BT-x2TxIWRUssWTusPQkTSgnSlssgxBrtgzbzwoV341DA0cR4wNMCdB5zW5jgslhyiTnYOgRJua8A9nhf5cGBYM4K8oN7L2_WNBr5dYu_6W0PgrNpYNR2taivWgEf7vtGfpP0LGwh9nEWYu1aUdUm6WtuZ7aXp_uFoSPW0CxTmPmIKI4TA_bECxacvOzo9XYN23n84qaOQldxAS3BaRmBBR-hiWXXzggCg Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	57ms 56ms	Image image/gif	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.1312390703619797 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-EgGgXllmlt13ve9Vaf0ulw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-EgGgXllmlt13ve9Vaf0ulw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	58ms 57ms	Image image/gif	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.568805600187712 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JC0vmHa7T_UuRYMo3nne8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:50 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JC0vmHa7T_UuRYMo3nne8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	121ms 51ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kh2zBTlf-4H9AjISxLTk3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kh2zBTlf-4H9AjISxLTk3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://cofonts.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1B77	42 B 64 B	51ms 51ms	Fetch image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKPOrCWV27AOycvzC9CgoFJx8voHB6I6_MJvXOnUoToSvk3vE7JviFHpS_GwUx3_nIFT74Ms_jVyFS4PViqZoL2MiyBhnKZ6gFwj4GvAlmICzLvvj0LyhiywbbKA1OqHH3g4litixlyg&sai=AMfl-YTVIJsti6OhmDKfKqjnVAFUA9JLFCuw-mPMzEKIhGk4cZKT8bNqXsxeYLXN8-Z58NyZSwhUgCIz0Lofjsrkh1XfVO92cU8sP7Q7UZip1r5w_ocmBUXpbwiczaIY_apDpmjM_ACOTcA5jcid&sig=Cg0ArKJSzHoyYBV9707sEAE&cid=CAQSSwBpAlJWo_8HErdyJ9y0aHiwkykDNxnXsX_lZAvW5HGsjE0LIiTZbEATZ-kmp_VrHz800r2svELL7CANZ66z5EXe51L979kzqZagmBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=676,1000,1000,1000,1000&tos=676,324,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695311689581&rpt=620&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:51 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1B77	43 B 215 B	88ms 88ms	Image image/gif	35.80.186.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=706307e4-2da4-4b10-ed8f-160d223a5643&tv=%7Bc:oPJMeY,time:1071,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1071,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0%5D,as:%5B1063~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:91,fm:tQvx59f+11%7C121%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c1%7C1c2%7C1d1%7C1e*.1138160-72767812%7C1e1%7C1e2%7C1e3,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:39,sis:242%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.80.186.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-80-186-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:51 GMT server nginx x-server-name dt21.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	banner Show response fundingchoicesmessages.google.com/f/AGSKWxWMTKru_VJluKXqKuBE-ni7Ogra_pT7NPxLy3zF7rJdtNUhuJzO02LtDe6t1RVGaG-ijZNnEgR8OJB6S9Rll8AiLWuoW9eTS0PTiEcUV3RJSfVg64QDkVVbVjMTuaT8cDOt6ZT0Q2bG16y62VpGUOzW57DBg...	54 B 109 B	57ms 57ms	Script application/javascript	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWMTKru_VJluKXqKuBE-ni7Ogra_pT7NPxLy3zF7rJdtNUhuJzO02LtDe6t1RVGaG-ijZNnEgR8OJB6S9Rll8AiLWuoW9eTS0PTiEcUV3RJSfVg64QDkVVbVjMTuaT8cDOt6ZT0Q2bG16y62VpGUOzW57DBguwVTfcnaO8mj7j2QKofMK5VW8P-Zu1B/_/adservers-/ads/banner?_dashad_/mDialogAdModule._700_100_ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash 1291f7659a8090eff4ecb909d4228ac7f9fc48a9044bf0d9cb21f6fac733f036 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EPV8VP8ZEP2zZrIclChDSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EPV8VP8ZEP2zZrIclChDSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	37ms 35ms	Script text/javascript	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 09:18:47 GMT content-encoding br x-content-type-options nosniff age 23764 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 server cafe etag 13036835877489095579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Oct 2023 09:18:47 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	54ms 53ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YpDoGIAcWIwt4nN8xJuxRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YpDoGIAcWIwt4nN8xJuxRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://cofonts.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B77	0 20 B	47ms 47ms	Ping image/gif	142.251.163.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7942103544476&version=m202309120101&ct=76&x=1&cor=7927075023218184000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Sep 2023 15:54:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	53ms 53ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--xkED3mb4WzLS7B6pvlbKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy script-src 'report-sample' 'nonce--xkED3mb4WzLS7B6pvlbKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://cofonts.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	53ms 52ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4enG1BITWRBz97q4nU9Y3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy script-src 'report-sample' 'nonce-4enG1BITWRBz97q4nU9Y3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://cofonts.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	50ms 50ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UpAKoZYSIaF4F8VmZm4bgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UpAKoZYSIaF4F8VmZm4bgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://cofonts.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxXLj4_SYWhbVeSKrKupiQO9HCuv0vV6E0dvVQEqIncoYkuBELed1EloAuWWxqdBmGGNE-91MU2HunKCn71ld0o14r_vcZEzytf0eg0rSZS-igA9RwNwF9-o-kzK1GPf_qQOFnxSJQ== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	67ms 66ms	Script application/javascript	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXLj4_SYWhbVeSKrKupiQO9HCuv0vV6E0dvVQEqIncoYkuBELed1EloAuWWxqdBmGGNE-91MU2HunKCn71ld0o14r_vcZEzytf0eg0rSZS-igA9RwNwF9-o-kzK1GPf_qQOFnxSJQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MzExNjkxLDYzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jb2ZvbnRzLmNvbS8iLG51bGwsW1s4LCJBLWpMSGc2QUJydyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash b49bfce65c656437d99e533d65832e6f8ccd6bbc85fac8e1eba6a164c8676bcc Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z6lgmQ531GMxrPyGgKnwxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cofonts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z6lgmQ531GMxrPyGgKnwxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUrZ8oep1RRA6eoDJ-CCXqPvR2pEL9PgjARfawntSa10CQAB0nmBXI0VxlqDCaPmTZI7BJzqsoT4OGCozxemBpYQ72yVuXZqYQKNJfQUdir2m6byzh4Pgp8iqDk16DPtfO91BcR1w== Show response fundingchoicesmessages.google.com/el/	0 28 B	52ms 51ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUrZ8oep1RRA6eoDJ-CCXqPvR2pEL9PgjARfawntSa10CQAB0nmBXI0VxlqDCaPmTZI7BJzqsoT4OGCozxemBpYQ72yVuXZqYQKNJfQUdir2m6byzh4Pgp8iqDk16DPtfO91BcR1w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y3RpkgVh3JMjPPXaVVca8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y3RpkgVh3JMjPPXaVVca8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://cofonts.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Show response fundingchoicesmessages.google.com/el/	0 28 B	53ms 53ms	XHR text/html	172.253.122.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV-BmQqHBhImYt34sOrpo9STG-WcAds8qin_CmJ3gp91zOowNaEFUIPQPZJlSeX9dI1iJMeGW8CBV3xwcGwf3LXjcAQ4-YfVHwPyTMZBm3OH27wF4XstOGytqZ5txmjuKiGkaOm5w== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f101.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--SvwkovP4qovctvd7k9L1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cofonts.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Thu, 21 Sep 2023 15:54:51 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--SvwkovP4qovctvd7k9L1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://cofonts.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googlecm.hit.gemius.pl

URL

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO7rCqYraGWuE6ZKob44lIw&google_cver=1&google_push=AXcoOmS3sadSXuUm-4nZh1dBcW2fNXUkyeqmD_h0T5Yn3IJmJ7CUwXZPQ6YqD4o2gJIdCerh8ue_HE-aFkyXjL_LMv4w1QTxe3yP4VCVoA