getgreenshot.org Open in urlscan Pro
2606:4700:e0::ac40:6e16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getgreenshot.org/
Effective URL:
https://getgreenshot.org/
Submission: On July 28 via manual (July 28th 2023, 2:57:55 pm UTC) from CA — Scanned from CA

Summary HTTP 111 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 111 HTTP transactions. The main IP is 2606:4700:e0::ac40:6e16, located in United States and belongs to CLOUDFLARENET, US. The main domain is getgreenshot.org. The Cisco Umbrella rank of the primary domain is 5761.
TLS certificate: Issued by E1 on July 7th 2023. Valid for: 3 months.

This is the only time getgreenshot.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:e0:... 2606:4700:e0::ac40:6e16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1400:d::... 2600:1400:d::1721:ee11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1400:d:4... 2600:1400:d:492::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
22	2606:4700:303... 2606:4700:3033::ac43:8507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
2	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
111	15

14 2606:4700:e0::ac40:6e16 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getgreenshot.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d::1721:ee11 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:492::f09 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3033::ac43:8507 (United States)

ASN13335 (CLOUDFLARENET, US)

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	440 KB
22	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 24810	8 KB
14	getgreenshot.org 1 redirects getgreenshot.org — Cisco Umbrella Rank: 5761	184 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	8 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	145 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	124 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	225 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4617 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5188	35 KB
2	8proof.com 8proof.com — Cisco Umbrella Rank: 39750 cdn.8proof.com Failed	5 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 493	17 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	468 B
111	12

	Domain	Requested by
22	g.bidbrain.app	googleads.g.doubleclick.net
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	getgreenshot.org	1 redirects getgreenshot.org consent.cookiebot.com
13	pagead2.googlesyndication.com	getgreenshot.org consent.cookiebot.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
12	fonts.googleapis.com	getgreenshot.org googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	8proof.com	getgreenshot.org googleads.g.doubleclick.net
2	ssl.google-analytics.com	getgreenshot.org
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	consent.cookiebot.com	getgreenshot.org consent.cookiebot.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	cdn.8proof.com Failed	8proof.com
111	16

This site contains links to these domains. Also see Links.

Domain
greenshot.atlassian.net
github.com
twitter.com
www.openhub.net

Subject Issuer	Validity	Valid
getgreenshot.org E1	`2023-07-07` - `2023-10-05`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
bidbrain.app Cloudflare Inc ECC CA-3	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-07`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://getgreenshot.org/
Frame ID: 2EC06AFA55216159F53AE1D9B8020269
Requests: 31 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: DB29C8C5904FDAD5504CA53E0F98EB70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 8666B71AA331B1E806EF2C6E86F9A388
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Frame ID: D06FFB44D90934D0EFDC46078EAE40C1
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Frame ID: 2886FED02321A40A506A16A132EA5416
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&adk=1812271804&adf=3025194257&lmt=1663010503&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fgetgreenshot.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270475&bpp=3&bdt=794&idt=170&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C160x600&nras=1&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=941987407&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185
Frame ID: C22F5572B1835CC60CE36E9746B4DDB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8650D450C795CC15BF1AB0A5D585B52C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E4B0C007095AF9BB29D43D1EBA17A51
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2E83BF4766DB1671922778B96C81935
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: BD5DB0D0920E96E41B1E5717AC6AC69D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6E8F776C401C95DBB251DB65691AE09A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6A41FF128EAD0119B5196002A9677DF6
Requests: 1 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=566296639504&ctd=110095&crid=1185&ap=ZMPXbgAKpDAFKPjOAAT87eYzjx7T4M4H_r3sug
Frame ID: 9843DC002CA2C9E1656EBF2D0B313E47
Requests: 3 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=566296764047&ctd=110095&crid=1205&ap=ZMPXbgAKpDEFKPjOAAT87fmZSMjHP2d9Qhfdfw
Frame ID: 73B5ED204BD016CA3AA4F5F1DE641984
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1951C61B224368FC4C540AFB80185B01
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: AC9B56D3689EB740382A35485562C263
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Greenshot

Page URL History Show full URLs

http://getgreenshot.org/ HTTP 301
https://getgreenshot.org/ Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

96 %
HTTPS

93 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

1192 kB
Transfer

3258 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://greenshot.atlassian.net/browse/BUG
Title: bug

Search URL Search Domain Scan URL

URL: https://greenshot.atlassian.net/browse/FEATURE
Title: feature

Search URL Search Domain Scan URL

URL: https://greenshot.atlassian.net/browse/SUPPORT
Title: support question

Search URL Search Domain Scan URL

URL: https://github.com/greenshot
Title: Github

Search URL Search Domain Scan URL

URL: https://twitter.com/greenshot_tool
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.openhub.net/p/greenshot
Title: OpenHUB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getgreenshot.org/ HTTP 301
https://getgreenshot.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
getgreenshot.org/
Redirect Chain

http://getgreenshot.org/
https://getgreenshot.org/

7 KB
3 KB

74ms
29ms

Document
text/html

2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d34884a1d935e952aa71605b4710e65b00e76471f229ce2f68ce77fbcaeb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
age: 6626
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7eddfa0d5dfb434a-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 14:57:49 GMT
expires: Fri, 28 Jul 2023 13:17:23 GMT
last-modified: Mon, 12 Sep 2022 19:21:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD1cIrAd%2FbrsvRr78etBNHQUGnpfIaylJNoW7O7r6aWYfeJP5f7D8lF8981yNU23DUFMM3BnOVoXykJdRiu7zOFoGLewmw3t3tl0jTqJyRYkRUA%2BvhooPLzDjn1KfXODH86pWUkkN7qyAcXcYgJq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-github-request-id: 9B8A:6481:381A9D:4A3899:64072A13
x-origin-cache: HIT
x-proxy-cache: MISS

Redirect headers

CF-RAY: 7eddfa0ce998191e-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 28 Jul 2023 14:57:49 GMT
Expires: Fri, 28 Jul 2023 15:57:49 GMT
Location: https://getgreenshot.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lad04Jd6poZhJnmsRHCTmXeXUbOcUt4oqTtWjjLUGbCh1I%2FT9ocI0h8CR1KylfpkM9O9e6HpW2AuzVbD%2BaL5DIGaVS52g6MbEbvYivs7KIzA3W%2FFzh5UGvTL%2BCaEgy70XNmu7s6SJtOcMLsrnWtJ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 114ms
29ms Script
application/javascript 2600:1400:d::1721:ee11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:ee11 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8c568a2262a172bd40e6080a554094470686624ca9e62b977e64e78cfd460111

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 12:05:22 GMT
etag: "ec12ffce6faed91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=510
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33582
expires: Fri, 28 Jul 2023 15:06:19 GMT

GET
H2 200 main.css
getgreenshot.org/css/ 6 KB
2 KB 32ms
29ms Stylesheet
text/css 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/css/main.css?v=6
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9151dfc73d49498a402ddf5c91127fb8f2e32cdccb0b8f471ee39bf677f967

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6017
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: 4742:6ABF:394869:4F84EB:64072A13
etag: W/"631f86c2-17b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDKHwZ5SbS8o1SIUDfyQC9frjIgL%2F65O62M24WhVF776DMZ%2FwULgSnAqbJqX7Ze4XeYl6QmxY8MzWanf8DAjtItCcrnvQ137UfuskbSwHWG3kkgs5Ie7id%2BmpSqvJFEO%2FfTNw9Lh47xaCaZ7Ln2k"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7eddfa0d9e3f434a-EWR
expires: Fri, 28 Jul 2023 13:27:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
903 B 79ms
37ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato|Bangers

Requested by

Host: getgreenshot.org
URL: https://getgreenshot.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7078dbde85de877625300c4adcdc174dda14e70bf5369f5071785d217ea87a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:49 GMT

GET
H2 200 font-awesome.min.css
getgreenshot.org/css/font-awesome-4.7.0/css/ 30 KB
7 KB 34ms
31ms Stylesheet
text/css 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/css/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6017
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: EC18:74D3:3960AD:4F9B40:64072A13
etag: W/"631f86c2-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UGAgsVUWr3fIPQ2LmQJQmrwU%2BY3ctmLgfJBYBTnmwciwz3lthcA5LDLqZmhuH6vh3YuqPkm9ZhI3VTAw1MWgerRmhoJiaP884MJu%2Fouy1wM9XEQ4O9Eqvgv33OeiexgqrfQN9DNbbc%2BF%2BuIO2rO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7eddfa0d9e42434a-EWR
expires: Fri, 28 Jul 2023 13:27:32 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
getgreenshot.org/js/vendor/ 85 KB
31 KB 37ms
35ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/jquery-3.1.1.min.js
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6017
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: F5D4:6298:566FE88:7DD66BE:646BCBF4
etag: W/"631f86c2-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfeTwV25KHBQ7ojzXMlCTmVviY399rBRNBPxtGWRWJ8zzLo0iVSF8aTnfxFM%2F6EsapbTDpVF89dtXQBbemuYKW1n9x7pr5r0IVygR6ekw%2FQXlHlFqwOAH8tJgcWfis6YU05essN6X1u2IJBz4QmR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7eddfa0d9e43434a-EWR
expires: Fri, 28 Jul 2023 13:27:32 GMT

GET
H2 200 jquery.slides.min.js Show response
getgreenshot.org/js/vendor/ 11 KB
3 KB 46ms
43ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/jquery.slides.min.js
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ec733cb38ee1c685cda9409cc5502f2ea47dd072f70b30146f5494dbe32ba8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: E050:374B:3B2B46:4D4A9E:64072A13
etag: W/"631f86c2-2d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twujjj5TEbv72FR%2Fc%2Fd3AHgFqEktnqFHrNEq3npOY%2FBcDSR3Yg4L%2Bn909CcupKPktaf%2BcLGmmYdqR4Sojvbny75whbCwPOrL9AttryGn9%2BgNzUNcJNAhICtlw1VIyJ7mtH3nzUcEBuYgKOnXH20D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7eddfa0d9e44434a-EWR
expires: Fri, 28 Jul 2023 14:43:37 GMT

GET
H2 200 blockadblock.js Show response
getgreenshot.org/js/vendor/ 7 KB
2 KB 27ms
25ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/blockadblock.js
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6040
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: A822:280B:3BCC44:4DF168:64072A13
etag: W/"631f86c2-1b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bk3nGaGWfHJj5Lg%2BXLURM8odFir4SccS3pdmoZrB4X%2FFNJa943C7xQceYraWHNTUIhEKHEbHfOO35msgd4eBpr9Wd4BaUVBttHI1zF1oNhRs8Tkavyz9AJwyDKSkToiujVGzfM7FE9mZIOoQvNut"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7eddfa0d9e45434a-EWR
expires: Fri, 28 Jul 2023 13:27:09 GMT

GET
H2 200 main.js Show response
getgreenshot.org/js/ 653 B
656 B 28ms
27ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/main.js?v=2
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd152267c984fa30e9faedca7a3317b6151900b68b4b9daed18f8d7ff70ffc6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6017
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: 9D6E:638B:3A6D6A:4C8CF7:64072A13
etag: W/"631f86c2-28d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wygj1EJsD1%2B%2F%2BflV%2B7LJVdA3GtYDchtOeBkBHhJSNtAv0UWzOgHErEr0SrhRmY%2BGPga9JjWeR9E%2B6TsfeFw7SjgX2PQrCUjPh8vhEaPIbVGuuViEBF7lo4%2Fqw0YZ8Z1RtMf5U%2BlhY5ICr7LAk3oo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7eddfa0d9e46434a-EWR
expires: Fri, 28 Jul 2023 13:27:32 GMT

GET
H3 200 greenshot-logo.png
getgreenshot.org/assets/ 20 KB
21 KB 31ms
30ms Image
image/png 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getgreenshot.org/assets/greenshot-logo.png
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f68d307211489bf15be640ce0793e3b8c289aa8ede24020e1cd563ee67e4c79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 28 Jul 2023 14:57:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5927
alt-svc: h3=":443"; ma=86400
content-length: 20594
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: BBE4:0D88:190785:228471:631F8E02
etag: "631f86c2-5072"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdoGHHaOf8kHgTa8FtnX0S8HgQs48%2Bkz4dA44jkiANFQWkNxgTm%2FypjY6NRnWdsndIRwDuKb2ilGFJkIN9tId9uOn%2F5q3V8DjLA%2BEcbeILjNdnRvMRN8xNUcTY%2BgXIy4vSqimfS%2Fas%2FS55CQeZyM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7eddfa0e1ae732dc-EWR
expires: Fri, 28 Jul 2023 13:29:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 95ms
48ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: getgreenshot.org
URL: https://getgreenshot.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

754f57966eb9676bdddb5475067b5089c040d4b8219ef959f4b24d599eb1ec34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50881
x-xss-protection: 0
server: cafe
etag: 13290205446045040384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:49 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/11322683-6c24-4874-9189-5e01b84d8747/getgreenshot.org/ 982 B
729 B 102ms
26ms Script
application/x-javascript 2600:1400:d:492::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/11322683-6c24-4874-9189-5e01b84d8747/getgreenshot.org/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:492::f09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7d7b955fb9d7c2b6f5a1bfe6eb7f612438b2695c0049c1f98daad4cf6c16cfc4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 06:06:34 GMT
server: AkamaiNetStorage
etag: "72e8192457a6f804bb685cb57b4dc1b0:1689314794.614758"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=23746
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="469598_388099751_619210509_436_792_19_0_146";dur=1
accept-ranges: bytes
content-length: 344
expires: Fri, 28 Jul 2023 21:33:35 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/11322683-6c24-4874-9189-5e01b84d8747/ 39 B
421 B 110ms
110ms Script
application/x-javascript 2600:1400:d::1721:ee11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/11322683-6c24-4874-9189-5e01b84d8747/cc.js?renew=false&referer=getgreenshot.org&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:ee11 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a075bc7b4f332e06c46d8d781402d477f5f91579ea3b82bcfd62fd567861eed1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:49 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:57:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 156
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 66ms
13ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Bangers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getgreenshot.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:32:19 GMT
x-content-type-options: nosniff
age: 152730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 20:32:19 GMT

GET
H3 200 fontawesome-webfont.woff2
getgreenshot.org/css/font-awesome-4.7.0/fonts/ 75 KB
76 KB 26ms
25ms Font
font/woff2 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/css/font-awesome-4.7.0/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://getgreenshot.org/css/font-awesome-4.7.0/css/font-awesome.min.css
Origin: https://getgreenshot.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Fri, 28 Jul 2023 14:57:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5927
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: C9EA:53E1:39C3A8:5359B0:631F8E02
etag: "631f86c2-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0O1pm2cd0dSFk0l4vV1L3lTXOq07i7GfWRzKQP5dwd%2BdKrDhcAwxEba3AkwE5j5hM1IB21WZyhdKjuGRXgcbpr%2BEXplQxndZ06RNd1hZexuZ0Q4MpTKHsncdfWWsrKzkpDFTx9qyY1ivNKlWPkC"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7eddfa0efb7c32dc-EWR
expires: Fri, 28 Jul 2023 13:29:02 GMT

GET
H2 200 FeVQS0BTqb0h60ACH55Q2A.woff2
fonts.gstatic.com/s/bangers/v24/ 23 KB
23 KB 74ms
22ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bangers/v24/FeVQS0BTqb0h60ACH55Q2A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Bangers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda284b2884152157e98574f8340cd385a9b6bb2d1fd8179fe990785ec228c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getgreenshot.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:38:20 GMT
x-content-type-options: nosniff
age: 152369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:47:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 20:38:20 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame DB29 627 B
806 B 27ms
25ms Document
text/html 2600:1400:d:492::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:492::f09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30949993
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 14:57:50 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 20 Jul 2024 20:11:03 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="469598_388099751_619210701_15_908_18_0_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H3 200 jquery-3.1.1.min.js Show response
getgreenshot.org/js/vendor/ 85 KB
31 KB 28ms
28ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/jquery-3.1.1.min.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1453
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: C0F0:20ED:92977F:CC1C34:637E13BF
etag: W/"631f86c2-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9S5iuQjc626P97e8eUKuxynTYOUJhWWJfnijPwtZ4AoGe%2FqJdnc2Y6r4Ym9T0j43563ifDhBgRbtP%2F3A5RlfYTJctFWIq%2BsOvLvQTfErkklEBmgy%2B2KshjdEs7l51Sm%2FNQJAjiAaHpyb6B7am81"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7eddfa107c9532dc-EWR
expires: Fri, 28 Jul 2023 14:43:37 GMT

GET
H3 200 jquery.slides.min.js Show response
getgreenshot.org/js/vendor/ 11 KB
3 KB 30ms
30ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/jquery.slides.min.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ec733cb38ee1c685cda9409cc5502f2ea47dd072f70b30146f5494dbe32ba8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6733
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: 3BEE:081B:3D6557:522D02:631F8E02
etag: W/"631f86c2-2d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYGLXJoyROVbE8QVua2bTqzS8ggoCznpZWcDIQug2lYTioVLiWY1H8n2uxvcESC8bMW%2FsOmmyY6YaF0hKVNhC9pJu3z3bBvb2lyqDKFRH%2BrRRGq0FTA7Za6g%2FaZviOq%2BJWrSwCdfCyMhuKHofTnl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7eddfa10ece232dc-EWR
expires: Fri, 28 Jul 2023 13:15:37 GMT

GET
H3 200 blockadblock.js Show response
getgreenshot.org/js/vendor/ 7 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/vendor/blockadblock.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6733
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: BEA4:53D9:3AC78E:4F8DA9:631F8E02
etag: W/"631f86c2-1b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUKuBdOSy3SRBJAIJYP46dHsaZH89tr0yz4x78a4PIxcD%2B48nmBgQFrkQFnLgSGh0kVt%2FKBDVZCWx0Cj87vUwJE878TKfWCg8Ffb%2B3jrkV%2BUREF%2FUDea6yquPgxLd85sjBkzaBZXcSWKpjn3BEZ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7eddfa112d0b32dc-EWR
expires: Fri, 28 Jul 2023 13:15:37 GMT

GET
H3 200 main.js Show response
getgreenshot.org/js/ 653 B
891 B 24ms
23ms Script
application/javascript 2606:4700:e0::ac40:6e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getgreenshot.org/js/main.js?v=2
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd152267c984fa30e9faedca7a3317b6151900b68b4b9daed18f8d7ff70ffc6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6733
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 19:21:38 GMT
server: cloudflare
x-github-request-id: A226:783F:3B56F3:54EE0C:631F8E02
etag: W/"631f86c2-28d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXZbT5S6z3vd%2BjkBHryKCFAlKsFNoO9%2B%2Fs1mPCsuZ9N%2FImzU6moVP8oJ3kteRD8vTh%2B5kJ0CDjPX8ZvSi1R3yVvbimTkuLocBMXIPONeLYjwtk2qthR9yNbjUXP6jV8j486UYx0o13fS7e1Q%2BNRf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7eddfa114d2432dc-EWR
expires: Fri, 28 Jul 2023 13:15:37 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 54ms
15ms Script
text/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: getgreenshot.org
URL: https://getgreenshot.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 13:07:46 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6604
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 28 Jul 2023 15:07:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 72ms
72ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

928b9d73695cd5fdc9663598e8a739de11713fb52f3e603a8def1681743efdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50908
x-xss-protection: 0
server: cafe
etag: 16644446272728357968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:50 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 34ms
33ms Image
image/gif 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=849429248&utmhn=getgreenshot.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Greenshot&utmhid=1508093914&utmr=-&utmp=%2F&utmht=1690556270386&utmac=UA-30035814-1&utmcc=__utma%3D267121944.1150367262.1690556270.1690556270.1690556270.1%3B%2B__utmz%3D267121944.1690556270.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1802993905&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 14:57:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/ 364 KB
125 KB 74ms
74ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfaf925affdfb3c1df3a5951915d101376e587c330b5c2c68384501254a626b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127799
x-xss-protection: 0
server: cafe
etag: 7517418592048154279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 8666 10 KB
5 KB 58ms
11ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 51322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 00:42:28 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 00:42:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 64ms
63ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab089aea55fe42be24006e69889f2aaedae87f60cfae2a8ca0640f22a7647c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50895
x-xss-protection: 0
server: cafe
etag: 2691362795571507215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
468 B 37ms
34ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=getgreenshot.org&callback=_gfp_s_&client=ca-pub-8484846442376136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301c9e5b1fa6eeaaa29c318ed532d27e2fadcd905ec03a5873efe79e54381acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D06F 84 KB
25 KB 1798ms
1797ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4062da813ef8cdd249f3cb10e6d22fb3d79eb876ba8ae007590e5e8ad0c96099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25600
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 14:57:52 GMT
expires: Fri, 28 Jul 2023 14:57:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 75ms
48ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1519c0385310f64445df4388643fcc4ee876e0170c0b667b3b71a7d0ff01f29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11601
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2886 84 KB
25 KB 1445ms
1444ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b72ead43462df9e7f5624b09a72e8da31b54137c694623e99755301e9f1de9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 14:57:52 GMT
expires: Fri, 28 Jul 2023 14:57:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C22F 402 KB
72 KB 1571ms
1570ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&adk=1812271804&adf=3025194257&lmt=1663010503&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fgetgreenshot.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270475&bpp=3&bdt=794&idt=170&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C160x600&nras=1&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=941987407&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a911939026f06a167af3cb9d22f9d66b5fe92f346ef00db56aa70c65c4a3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 14:57:52 GMT
expires: Fri, 28 Jul 2023 14:57:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=FOOTER&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 14:57:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 115ms
51ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 14:57:50 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8650 13 KB
5 KB 12ms
11ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 152889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 20:29:41 GMT
expires: Thu, 25 Jul 2024 20:29:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E4B 783 B
1 KB 84ms
40ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97e01e2caff1e719fd977acba540d4e0c1309cee955a12e2e081143d2264aab1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6p2HFAAoc7lcsP52lmUNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-6p2HFAAoc7lcsP52lmUNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 14:57:50 GMT
expires: Fri, 28 Jul 2023 14:57:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E4B 0
0 41ms
40ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=428041776537970&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8650 37 KB
14 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 01:17:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8650 0
10 B 11ms
11ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QTn6uQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=428041776537970&bg=!Q0ClQBTNAAZGOVy5Zjk7ADkAdvg8Wr9TQhClD5HdVFSmLUlIU1_s8Cc-ifFB2AIW_F249JAw-ToBnoX47zKs1CTXTN1deS3tLVICAAAAhlIAAAAWaAEHmQK0ScFFRfr8NYHKBLUWFR0Dy7oYusCeMKQWFBYajuFiNkOkOwl_gX8hPub1DZ71hL3Z_wUxtFXaRVKGeeq98boYR9etLyyt3qjt3UpMYJMslV2ueCqgy2fuL-nymAlcA4BtlI5BSs8EQshIc0Y-h_2wfnAl8xTQZH0yhADID6ciA9LmGsw1CTYGFXKADEfRfzEgJXEynAxxa7lr83LZxfMclRxZi-s-9-iI6LHD9mCOlTXiMBULSiz1bS-7lHRCCaB-THx3_McHrD4ADkRpmQLrvKd5qLRY1CRSVhFYpC1sWXCL7SrfCKe5aao2k5Dp70sWFqrwdCgEt2LUmf3cnWJCAktEayg98oOpWcii1KEHy25zN8srpfOXF4w2CakGzj8Ti9w5zybx-RARPW6bYJKz2adFtHkKPvpZGZj4XTRI6_ae2RDOM2DVsRU1Yg8sugzq89K-3OEuZWYko9AoHpFPi2-0BLyGgOqwKbJG-5R6pPGkwKKqgtXLQ14AgPxZPYWTzpblsCALWMB8PI7E6k8eqrNaZAUDLxzdlF8w17pRLfchfSBb9nvozbbzbrWLJg6svqAWDpOs2rH7rhVbiM5kLsX2bKrGrv5lKj8aKzJ1j5b_1peJQjF5aGOoH4vNM7LXsrXVN5nO-H19tRj307bUW49imcQ-NtI1a_Q4Mp9S-EeYVXtCEQSD80uPPbIEiYevWVbyJYe6MreU_ZwqXLpoxNn7ggCMn3WRBB1z6JImeyJNkm386QcSZbqwW87kb62HdmY5uOyx4rVZT2GtgMeWa2y63w8YLZ5843xXaH9lfiCI8AdpMRt-U5SOZRL7izHdIa73xHYlBrQLteTWZjtTO8oxQBZgEYG0Hb1GRvcgVfBPRXrxQUDcsASebO0sXuzQdbcErAXFihrkPPfigUKgsI9kkd0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 2886 4 KB
767 B 36ms
34ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:28:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2886 1 KB
514 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:24:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2886 2 KB
658 B 38ms
36ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:28:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 2886 3 KB
1 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 2886 20 KB
8 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2886 179 KB
57 KB 168ms
102ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2886 15 KB
15 KB 12ms
11ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:47:37 GMT
x-content-type-options: nosniff
age: 151815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 20:47:37 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/ 154 KB
52 KB 48ms
47ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/reactive_library_fy2021.js?bust=31076425

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c71e317c87e572a6e7b136e70cea64c5d4d1025547deddf5da1eeae9a706591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://getgreenshot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53557
x-xss-protection: 0
server: cafe
etag: 15541776328878977992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2886 0
23 B 57ms
56ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX_e_btfDZOHaKNXmo9kPpfW2wArSkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi04NDg0ODQ2NDQyMzc2MTM2yAEJqAMByAMCqgTjAU_QB785uQdLlxZ-Pe5udncVzlCT15W3ob_lzgV6IdF9vV1oTHPx2tN7uhYl403IoiOAHSbZ3KgaNf5lvDYoeCeGa6vHHK7B29zl1kP0AtWgaBVzpZzcnzkWLbKUcVyQyXUYgiPgVtQJ2CxTdzoGtoTGg4pawy0GNchPO-91MQPD5mXkYbOraO63FPP5ga83Vjftr_8kiU4jdDOuLZ9C61XrlrPSkCD0Thsr3rsBWfk2DOjiAMpWKtI5zvkR-auzstbcxqiIFlJ252ic5zmy5KL_x4ygFVDAjheJ0KX2HVD3nZUbgAb6hYTjnP67qYYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDg0ODQ2NDQyMzc2MTM2GAA&sigh=M3SQD2v1KOM&uach_m=[UACH]&cid=CAQSGwBpAlJWB43_sLdsTQlJ79T2wOKSTN8J9EfPWhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 14:57:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 2886 0
460 B 135ms
71ms Image
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=1f6d6a3a-2d57-11ee-8d06-364891c14d06&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&a=imp&p=ZMPXbgAKLWEFKPNVAA26pScQpM7Xb0etSzIgeQ&im=_f0mYMQX3-o7B_zlQ6QDFo0kBbny3n6CLcVuVdHHX8Bi1IS9G1QNRVg-WEDC6EX1k27SyItneWp9KpD_R0qeRA23QIJwrHo843frB5i6Mxd5G-AH3tkuEBHYs6IhrT_AllJhOY560gSW8Up6BhF3mx6NWZ9GJmftNzZcGcY763yVWSeoubWU_PcoEK9bjjOm6egUXYOH0K7eepCGxPHboC1AEyiFb3V1UGtXni1G6xzTSn2fN1myuCUvED3l8cuq4h7gaK7o5RSPCxki1pNz6w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Bk70Lc5aeqGBbrDvaGRSXThlEDJxQ5C1XKJ9ROuXCQ7XkcDMFwZGui6QyJqA%2BE4CokPQGHfPeqdS3NW2IPrzf1rihZznH9UEXSTXtLwiA8at%2BZnRYqpucdEF8P9c%2FIw%2BuZ8F2LUsG4NeKDgtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa1ee8b6423f-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 204 ev
g.bidbrain.app/rt/ Frame 2886 0
0 124ms
61ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.8665057109625689
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOOR8sajLq0J5Mr3Yd%2FuWVJW10QCLzmcG65o7V5QKQC840D4GYHYh0IHHtFaFyks6wR0ociZijpa3zcy%2FRumwhCjk4cOHISO2u4E2qJXlZCjAd7XCgBm7xERhRGREW2Y6Ocw91iSK2qLFuKIeA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa1eec4218b1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
DATA 200
OK truncated
/ Frame 2886 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12550c9458124b13429e743a2c6b9d2ce373cde91af764cc3d50ca22f004b064

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2886 15 KB
16 KB 12ms
12ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 21:01:26 GMT
x-content-type-options: nosniff
age: 150986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 21:01:26 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 2886 0
1 KB 97ms
67ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f6d6a3a-2d57-11ee-8d06-364891c14d06&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&gid=&a=vw_100&p=ZMPXbgAKLWEFKPNVAA26pScQpM7Xb0etSzIgeQ&r=365677809&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fux0Guco6XktlUwSuIMyXHLnthzuYdbWLstzhdtFIFZZDBdkyz7azffbi1nFQmwsPepESu3OgaVuZie4rH5jmTiPJXS3hkwudcM681HZxjXIkIrfgfTOo8NQuJgpcLcPiy7weaO4CKZToqIjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa1ee8b8423f-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D06F 4 KB
671 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:28:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D06F 1 KB
441 B 38ms
34ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:30:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D06F 2 KB
585 B 42ms
38ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:19:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D06F 3 KB
1 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D06F 20 KB
8 KB 13ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D06F 179 KB
56 KB 56ms
53ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame B2E8 10 KB
4 KB 14ms
11ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 47767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 01:41:45 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 01:41:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame BD5D 10 KB
4 KB 26ms
11ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 47767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 01:41:45 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 01:41:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 6E8F 10 KB
4 KB 27ms
11ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 47767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 01:41:45 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 01:41:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 6A41 10 KB
4 KB 27ms
12ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_fy2021.js?bust=31076425

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getgreenshot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 47767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 01:41:45 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 01:41:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 ev
g.bidbrain.app/rt/ Frame 2886 0
0 62ms
61ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.09771260077241117
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwGx1mJh3CrMIq9eVrBS7cDmCZdfOca5u%2FMbDDXB%2FKlOvFFU7YiBknT1JMCJMP8LYUm%2F4NNQdsHmrvjeVPj86CNaBjwOvmslYg1r56QdZYKZSfLZe%2BT34yTuQoSFdfX7wi6lyH9HcLQ8p%2FJIyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa1f8ca918b1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame B2E8 4 KB
671 B 50ms
50ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:21:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2E8 205 B
651 B 64ms
11ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 16:09:11 GMT
x-content-type-options: nosniff
age: 341321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jul 2024 16:09:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2E8 604 B
696 B 65ms
12ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 21:04:19 GMT
x-content-type-options: nosniff
age: 150813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 Jul 2024 21:04:19 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame B2E8 14 KB
6 KB 19ms
18ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 00:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6346
x-xss-protection: 0
server: cafe
etag: 2178636335013097452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 00:41:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame B2E8 20 KB
8 KB 20ms
19ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 00:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 3714838898622182897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 00:39:51 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 2886 0
276 B 62ms
58ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f6d6a3a-2d57-11ee-8d06-364891c14d06&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&gid=&a=load&p=ZMPXbgAKLWEFKPNVAA26pScQpM7Xb0etSzIgeQ&r=365677809&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al4wrWCH82ZXZdPD%2Fw0KxNrVQq2FM%2BLqOkdycBRA3%2ByqmELhFeF%2BHKONLHdGw751S%2FDeGy20kPeZBTRYee6DWoK67KkFycKD18A0lQxMslcQ0%2FQexd4hxTdDJBmBZHv0DwidXEJp%2FtDTVLswPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa1fe9be423f-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame BD5D 4 KB
671 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD5D 1 KB
441 B 38ms
36ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:24:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame BD5D 2 KB
585 B 70ms
58ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:28:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame BD5D 3 KB
1 KB 25ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame BD5D 20 KB
8 KB 24ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD5D 179 KB
56 KB 47ms
36ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 5111 Show response
8proof.com/app/rtbmarkup/ Frame 9843 6 KB
2 KB 216ms
61ms Document
text/html 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://8proof.com/app/rtbmarkup/5111?id=566296639504&ctd=110095&crid=1185&ap=ZMPXbgAKpDAFKPjOAAT87eYzjx7T4M4H_r3sug
Requested by: Host: getgreenshot.org
URL: https://getgreenshot.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e0cd32ba482b070e715081bed97836662de1008b031986270fa0ba9e27b51207

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 28 Jul 2023 14:57:52 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 5111 Show response
8proof.com/app/rtbmarkup/ Frame 73B5 6 KB
2 KB 180ms
62ms Document
text/html 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://8proof.com/app/rtbmarkup/5111?id=566296764047&ctd=110095&crid=1205&ap=ZMPXbgAKpDEFKPjOAAT87fmZSMjHP2d9Qhfdfw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: be7234fbc62f9775ed24442f00fc9dd8b81266847e266d1111e96f36000d8dcd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 28 Jul 2023 14:57:52 GMT
server: nginx
vary: Accept-Encoding

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 2886 0
0 60ms
59ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.5688701073849729
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqH3e%2FoMcNi8%2FIxCwztDwqlxRDAm%2BUtVMIV3olcHkwarOrjx87VkwaPSFEnLDN2zrlQrpi5hE6hzmiIXVQFWjAw0tH7%2F7vD4%2BiNug3HnWbgTxvcToKMTM0pcbP1njS7y%2FXwYtH1A308pjDhTng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa20cab0178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D06F 0
19 B 60ms
56ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPeVbtfDZLbxJ4KOo9kP14C1kA_SkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi04NDg0ODQ2NDQyMzc2MTM2yAEJqAMByAMCqgTjAU_QEh3htbL607u8THOX_2T9I1CFB17DtheKH4TBTjF1KSROqOAWT8-qbWlp-e_INXg8FE0E36Al-yZTKhlITfekbs6KwNOggAW_49aZbeI1XgOZ-JsPnuBY2dzAOevzr_T_Ssakdh8f72JB5VIK7IE8-PIy4IrMwYWdFmAikuKz54Uu89wSebpwXVdcyO9rXsM3P0TXpadLrqAvrqrtBicnhSiE3OXt9tXqIcDpJaSB3ihldhKZMzHDHZwq1xcAJrUpYPZefPvVxE3YbIJaIeduJpwe29hu-cqkVBWQ-sGfAerDgAbl_Ju39Zyh_ccBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDg0ODQ2NDQyMzc2MTM2GAA&sigh=OVe3-5u64P8&uach_m=[UACH]&cid=CAQSGwBpAlJWP9KhbgpygERdgEQvYvYC7nCFwcKNfxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 14:57:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 rtimp
g.bidbrain.app/ Frame D06F 0
935 B 90ms
86ms Image
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=1f69dadb-2d57-11ee-958e-2aa4b7e78dea&d=getgreenshot.org&cr=ext_gen2_v10_start_prot7__0&a=imp&p=ZMPXbgAJ-LYFKMcCAA1AV3huwkpvdtTsgWFW0g&im=WKD2EKCq737G599QryEAtJSAHS9zCw879aIv_JpNWB4ywBIQTlhYY-1CqfgCGrRSVgPRaSQIJ8MatY30YTS0wzUuJDv79KYuOTunwjynlZzInN3o3DVQ0OtbAqHicPCtHsFgCnqK3WnHv-ISoYdAtBX0b8S-9l_IO8VBbRboQpbJ_ym9o2Kwn9jyJS-KId6nPUK_pNjMV1kCqVi07Wp68lcOdBccsdkRnUoZFPbhYOlSNdHKffdjYYsllqbTHT4jh7wp4-vqL3bl2ntqS_U7zg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5xYzS%2FzccB3J8O6SksZqKMAOrLJ5VNfy9N51bQ71Sx6MUdz5GoR37oU6tmkf2YcdyTw837lMOzfYjduLZy5iAVEORsu3tk9woURRJ%2BAT1d72yqA%2FheiHVlqoukfNXjUWt4h0S%2BJ7jeVxmVUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa211a1e43f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D06F 0
0 66ms
62ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9876534423737562
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKxZX29EhqTEV1kTFOV3aBaI6Lp6qlhr1qVX1elrLRhv5zz9yFfCyBzJbpgRmMSMbYmdM0AQEPRfvMv2RqKgQKkq%2BUNf7ogz%2BWRRI3uqtpuDI7WFoQKv9VCdFPsrJvKrkOXzZAFz2BnEFdXReA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa211ae6178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
DATA 200
OK truncated
/ Frame D06F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca311be7a5db9f356cb02a5d2083e1774e4efedd5c4033931859645cbb945d6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D06F 15 KB
15 KB 19ms
15ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:47:37 GMT
x-content-type-options: nosniff
age: 151815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 20:47:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D06F 15 KB
16 KB 19ms
15ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 21:01:26 GMT
x-content-type-options: nosniff
age: 150986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 21:01:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1951 14 KB
1 KB 39ms
38ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 14:25:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 1951 23 KB
9 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1951 3 KB
1 KB 16ms
15ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1951 20 KB
8 KB 18ms
16ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:49:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1951 179 KB
56 KB 55ms
53ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 14:57:52 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 1951 33 KB
14 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 20:33:07 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 2886 0
0 56ms
55ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.3512490770262393
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GZWy8GUwuJcAdkFKtUZFmL1mpzZC6Q%2Bb33T4syhwqV8WxxFj7zMjSGdSwRzTE0Bw4CiJ23EUzr0PCZ1G9ukfQQ0xXTTtxv22qCjzfCUStLnSGDNyBgHg81UCbaqdp6FZce7cbG0YlItH9FBUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa218b3e178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame D06F 0
781 B 68ms
66ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f69dadb-2d57-11ee-958e-2aa4b7e78dea&d=getgreenshot.org&cr=ext_gen2_v10_start_prot7__0&gid=&a=vw_100&p=ZMPXbgAJ-LYFKMcCAA1AV3huwkpvdtTsgWFW0g&r=1399154131&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss4Q%2BVG6pZAr1ZS6nc5FhJw7hDBfifI5Cbj0bbLJW%2FXcgK5uqV1Lb9feGjjf3rY3lvKxxxqyKk4NLRG7oVSAGYd6AVT0l8dKLhQ7VWTTIRJbS3F86zPatWMMZymIMA%2B8QToW9fdm%2FE%2B8dsCx1w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa21dac243f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D06F 0
0 59ms
58ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.15376900148369632
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mvZ3%2BHHxRro2folmR4RcIevFA9qwtQVLt8CmC%2Fcd3vHwdfoe%2Bo9EFl9cEOrDhQjQNVl3mQvYfJ1ZUCiNrN5T9VcsRhpDwt3A2namT7KezJfp%2FIloz8JE1ZhtNDF9Vty%2B2UN4YEeXepncIwbNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa21eb8c178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 9843 0
0

GET montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 9843 0
0

GET montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 73B5 0
0

GET montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 73B5 0
0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 2886 0
930 B 65ms
63ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f6d6a3a-2d57-11ee-8d06-364891c14d06&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&gid=&a=ev_prf&p=ZMPXbgAKLWEFKPNVAA26pScQpM7Xb0etSzIgeQ&r=365677809&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22155.30%22%2C%22205.20%22%2C%22122.90%22%2C%2295.00%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=600&slotname=7992105487&adk=2585668214&adf=2175242420&pi=t.ma~as.7992105487&w=160&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=160x600&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270434&bpp=1&bdt=753&idt=192&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2949744428982&frm=20&pv=1&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1205&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lWHekV0L1F&p=https%3A//getgreenshot.org&dtd=196
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lliHT7vVJHcjlwo%2F0OgxdYS%2BvfupaOlqk5YaFCppLHyOwUiGb2IWCpWcovC7nsphlP6%2FsKkCnxJZRxZd%2FGTU5QlycZ0r3FYLUmyh1SIlf0GiAhGPKcQd71MTszemyzu%2F9UCklARzCRwMEZQwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa222b0d43f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame D06F 0
784 B 59ms
58ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f69dadb-2d57-11ee-958e-2aa4b7e78dea&d=getgreenshot.org&cr=ext_gen2_v10_start_prot7__0&gid=&a=load&p=ZMPXbgAJ-LYFKMcCAA1AV3huwkpvdtTsgWFW0g&r=1399154131&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzoq75q8ACDkwQHGQsr2eokkqTlD8qfdJQmp%2FxU0N%2FEBE3nYLJ1%2BqI8TFNZnadfWjK%2FuP83SbftbH15ECMAbTdjW0y6Rbl%2BWmt6dD0p6DLLSSOF3jRvghXa2uBLT86LvJqSuYeluZtB8tN%2FYjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa222b0e43f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame BD5D 0
0 59ms
59ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9352882486126912
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1Z3%2B8J1GbA7gXr7a3T3Wh5l491GvuI5xpe32z6gqs7ZrI0zN8xNnb6FPGgsjgOUhnwh9OcN2BQSgYI8m4NI8zOOqSRpQrlAJPGclmvT%2FAVXV%2FHGMbkxQ0fd1GVNLuCzNV8XnaERDsh2hJtOUg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa222bbe178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame BD5D 0
930 B 60ms
59ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f713b0e-2d57-11ee-8fe0-3ec9cfbdf960&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&gid=&a=load&p=ZMPXbgAKpC8FKPjOAAT87W98DzcOkzxDOWKpAQ&r=1612593574&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcMi14Nz8UwdMpdxPRU2YT774B%2Bbq4Aww%2BHAGikn45kSA4lf9%2BaiFISU2byS4lQCFE67SEbmQaLMG%2BNLFgMigUom3YfBOgFvZpva%2FuiEzzC%2Bn2OfcpMwUxPbNinPcGH2PW1Rh1VFcQwmuRgQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa223b2243f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D06F 0
0 56ms
55ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9949171716456631
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFBYQH8e5npiX6RfC5DZPt1mYR9UKLw2fr1Q%2FekaXdMYlnNLo51UYNMdWWFG%2FVhFB%2Bo1AvemZ9XmNtdGlJWYxbjjMqGoMhfF7mzAMLp6cafajTKwfaoOhCLpsEx8JV8DmZJgpF8ISAwRjzMyrw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa224bd4178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame BD5D 0
0 59ms
58ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9750874712993631
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCfdCP2nv5pW2PDIS7hXoeLN43niZqUwI99qoGUzSA%2B%2BN4jZ%2FS5mowBRuG3u40xXj8vJ6%2Fv2F14sUMBR6MK9PPWsMSnHHUntR69xaD239kaQIylRaLZJEUw0UWyfyuQhXMIc6yJhpc4MZd%2Bm6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa229c0b178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D06F 0
0 56ms
55ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.7892224881317373
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITCqG%2F%2F1msATX9gukVnMf7NWhkAdg9lmvzxcfp%2B121tosmxxyE6RwXOzs9tpGoL0sd9aTanIDm6J0via9a2qswbkGKRspBvYEkUtHgFvVv2POmY1U3TL0pjVVQ%2BfVdW5kDH7UDdsOBPvJu37DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa22cc3d178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame AC9B 37 KB
14 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: getgreenshot.org
URL: https://getgreenshot.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 01:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 01:17:41 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame BD5D 0
0 69ms
68ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9226312612915799
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz%2BvYxtETctUS4leLIUAKsDtzL%2Bf%2FUqiP4o5bG4MOnjx1hn4prrjj7PVZffaqy0SpCGUhQbuAjpwHeaigPRYiXGJJzlJzPFq1PbUB3YwgdHjnFNntf4or11TUt0MHVhQz0jX0VkSC%2FDYNUfOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa23bce3178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame D06F 0
924 B 64ms
64ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f69dadb-2d57-11ee-958e-2aa4b7e78dea&d=getgreenshot.org&cr=ext_gen2_v10_start_prot7__0&gid=&a=ev_prf&p=ZMPXbgAJ-LYFKMcCAA1AV3huwkpvdtTsgWFW0g&r=1399154131&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22137.10%22%2C%2269.70%22%2C%2280.40%22%2C%22144.40%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8484846442376136&output=html&h=280&slotname=6875409483&adk=755143415&adf=2071877279&pi=t.ma~as.6875409483&w=728&fwrn=4&fwrnh=100&lmt=1663010503&rafmt=1&format=728x280&url=https%3A%2F%2Fgetgreenshot.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690556270426&bpp=8&bdt=744&idt=165&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&correlator=2949744428982&frm=20&pv=2&ga_vid=1150367262.1690556270&ga_sid=1690556270&ga_hid=1508093914&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=447&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076087%2C31076425%2C44788442%2C44797786&oid=2&pvsid=428041776537970&tmod=105638580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P8htaWH2yw&p=https%3A//getgreenshot.org&dtd=192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p41HSUrCGiazssLOuVRFYQdecuUoRr7wAADyNt1G2npw4nVvVQ7d1QQn%2B8stSVz0O59NG6ZIFTsY7hgrKrW8E7MDnViB%2Bz5wUb2RSij3xtiUZVFrBpLEasWgMD8eLm3YLMuoLakeTLVpyV6YUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa23bc6f43f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame BD5D 0
0 56ms
56ms Fetch 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.6743517783697928
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv2VNGdOYRJHuIS9k7V7XqMIlczPZrM4Cbo%2BOfxpKLADjwhTdymrhQ9GOutZNAGn8Yu6UPsOpIW2fR2GeTe9PDfGIKqO8bcho66nxZYLn7%2F3BanwRPEGrXXew09MPdWSA8edKHA%2B3Cz2b4hH4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa242d1b178c-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame BD5D 0
933 B 72ms
71ms Ping
text/plain 2606:4700:3033::ac43:8507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=1f713b0e-2d57-11ee-8fe0-3ec9cfbdf960&d=getgreenshot.org&cr=ext_gen2_v10_dow_prot7&gid=&a=ev_prf&p=ZMPXbgAKpC8FKPjOAAT87W98DzcOkzxDOWKpAQ&r=1612593574&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%2268.50%22%2C%22178.00%22%2C%2270.70%22%2C%2258.40%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHmepXIvI%2BSF5CZZp%2FMQLDYxL8Ba9Z93qKpLz7wlUoV4oFOLdUc0IJVJgKgtVeWQerrPhiEHlIozhHpf8mx18z5IRPuyL2JxpU%2BIqOmRwqjtZ25oWY%2BGGKy1NqTQJ3Si%2Byvsp5w4T%2B0gLD%2FZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7eddfa248d4843f1-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2886 42 B
64 B 47ms
47ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssptagdw8gkaStjrv--j-J2JHuI6ln8mehJDrYzjhDknxx4CgNprI_UivbJzmm6sjYwmGEANzKxD59BGtPUjBBlCkZObvp8Gbg9fRdL&sig=Cg0ArKJSzCaNAlXW1z2ZEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2585668214&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690556270633&rpt=1722&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 14:57:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D06F 42 B
64 B 51ms
50ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRkKr1l35KSg-7_hXS-j8zm_ZWnUxs6P_4Y2qXHZNGtjMgC8O8c_6b1fD6wB5uMkzVYJGFqux3VS3VgL_bMKWHtT-GO6TdDfN_9RzW&sig=Cg0ArKJSzFg1DVAK6cmTEAE&id=lidar2&mcvt=1001&p=0,0,280,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=755143415&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690556270621&rpt=2119&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 14:57:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
getgreenshot.org/	1970-01-20 14:20:34	Name: CookieConsent Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:1%2Cutc:1690556270086%2Cregion:%27CA%27}
.getgreenshot.org/	1970-01-20 23:11:56	Name: __utma Value: 267121944.1150367262.1690556270.1690556270.1690556270.1
.getgreenshot.org/	1969-12-31 23:59:59	Name: __utmc Value: 267121944
.getgreenshot.org/	1970-01-20 17:58:44	Name: __utmz Value: 267121944.1690556270.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.getgreenshot.org/	1970-01-20 13:35:56	Name: __utmt Value: 1
.getgreenshot.org/	1970-01-20 13:35:58	Name: __utmb Value: 267121944.1.10.1690556270
.getgreenshot.org/	1970-01-20 22:57:32	Name: __gads Value: ID=22c17bfeb4069f6d-225c31bc1ce30004:T=1690556270:RT=1690556270:S=ALNI_MZ71dpEPz1lEtDedGFHs7_BvpFCHw
.getgreenshot.org/	1970-01-20 22:57:32	Name: __gpi Value: UID=00000d26d2527d3f:T=1690556270:RT=1690556270:S=ALNI_MajvgVnDkvAXK5paQGAQyEWtafFHA
.doubleclick.net/	1970-01-20 23:11:56	Name: IDE Value: AHWqTUmQBIC2HmT2ivpI39APnJKfUB1-aNzpIb-hw-qesGZjUieWfpAzkL_Vc7iqPGw
.bidbrain.app/	1970-01-20 23:11:56	Name: uid_cross Value: 20735174-2d57-11ee-95aa-1e6cb204a8b0
.bidbrain.app/	1970-01-20 13:36:03	Name: sid_cross Value: 1f713b0e-2d57-11ee-8fe0-3ec9cfbdf960

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=566296639504&ctd=110095&crid=1185&ap=ZMPXbgAKpDAFKPjOAAT87eYzjx7T4M4H_r3sug Message: Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=566296764047&ctd=110095&crid=1205&ap=ZMPXbgAKpDEFKPjOAAT87fmZSMjHP2d9Qhfdfw Message: Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=566296639504&ctd=110095&crid=1185&ap=ZMPXbgAKpDAFKPjOAAT87eYzjx7T4M4H_r3sug Message: Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=566296764047&ctd=110095&crid=1205&ap=ZMPXbgAKpDEFKPjOAAT87fmZSMjHP2d9Qhfdfw Message: Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
cdn.8proof.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
getgreenshot.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
cdn.8proof.com
2600:1400:d:492::f09
2600:1400:d::1721:ee11
2606:4700:3033::ac43:8507
2606:4700:e0::ac40:6e16
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
52.116.53.150
12550c9458124b13429e743a2c6b9d2ce373cde91af764cc3d50ca22f004b064
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1519c0385310f64445df4388643fcc4ee876e0170c0b667b3b71a7d0ff01f29e
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
301c9e5b1fa6eeaaa29c318ed532d27e2fadcd905ec03a5873efe79e54381acf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4062da813ef8cdd249f3cb10e6d22fb3d79eb876ba8ae007590e5e8ad0c96099
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dd152267c984fa30e9faedca7a3317b6151900b68b4b9daed18f8d7ff70ffc6
541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ec733cb38ee1c685cda9409cc5502f2ea47dd072f70b30146f5494dbe32ba8
5a911939026f06a167af3cb9d22f9d66b5fe92f346ef00db56aa70c65c4a3f5d
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c71e317c87e572a6e7b136e70cea64c5d4d1025547deddf5da1eeae9a706591
6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91
6f68d307211489bf15be640ce0793e3b8c289aa8ede24020e1cd563ee67e4c79
7078dbde85de877625300c4adcdc174dda14e70bf5369f5071785d217ea87a5a
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
754f57966eb9676bdddb5475067b5089c040d4b8219ef959f4b24d599eb1ec34
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7d7b955fb9d7c2b6f5a1bfe6eb7f612438b2695c0049c1f98daad4cf6c16cfc4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8c568a2262a172bd40e6080a554094470686624ca9e62b977e64e78cfd460111
8dda284b2884152157e98574f8340cd385a9b6bb2d1fd8179fe990785ec228c8
8e5d34884a1d935e952aa71605b4710e65b00e76471f229ce2f68ce77fbcaeb0
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
928b9d73695cd5fdc9663598e8a739de11713fb52f3e603a8def1681743efdba
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
97e01e2caff1e719fd977acba540d4e0c1309cee955a12e2e081143d2264aab1
9f9151dfc73d49498a402ddf5c91127fb8f2e32cdccb0b8f471ee39bf677f967
a075bc7b4f332e06c46d8d781402d477f5f91579ea3b82bcfd62fd567861eed1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab089aea55fe42be24006e69889f2aaedae87f60cfae2a8ca0640f22a7647c1d
b72ead43462df9e7f5624b09a72e8da31b54137c694623e99755301e9f1de9ae
be7234fbc62f9775ed24442f00fc9dd8b81266847e266d1111e96f36000d8dcd
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
cfaf925affdfb3c1df3a5951915d101376e587c330b5c2c68384501254a626b4
d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88
e0cd32ba482b070e715081bed97836662de1008b031986270fa0ba9e27b51207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
eca311be7a5db9f356cb02a5d2083e1774e4efedd5c4033931859645cbb945d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

getgreenshot.org Open in urlscan Pro 2606:4700:e0::ac40:6e16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

96 %HTTPS

93 %IPv6

12 Domains

16 Subdomains

15 IPs

2 Countries

1192 kBTransfer

3258 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

getgreenshot.org Open in urlscan Pro
2606:4700:e0::ac40:6e16 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

96 %
HTTPS

93 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

1192 kB
Transfer

3258 kB
Size

11
Cookies

111 HTTP transactions
2 data transactions