www.google.com Open in urlscan Pro
2a00:1450:4001:82a::2004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alwaysdomain02.online/py/fox3.php
Effective URL:
https://www.google.com/search?q=rusticotv.com
Submission: On November 09 via api (November 9th 2024, 4:00:34 pm UTC) from US — Scanned from GB

Summary HTTP 48 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 48 HTTP transactions. The main IP is 2a00:1450:4001:82a::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by WR2 on October 7th 2024. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:5984	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
48	12

1 2606:4700:3037::6815:5984 (United States)

ASN13335 (CLOUDFLARENET, US)

alwaysdomain02.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

gekeebsirs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::9d (United States)

ASN15169 (GOOGLE, US)

www.rusticotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.similarweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ogads-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	google.com www.google.com — Cisco Umbrella Rank: 3 play.google.com — Cisco Umbrella Rank: 17	870 KB
10	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	361 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	99 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 ogads-pa.googleapis.com — Cisco Umbrella Rank: 333	34 KB
1	similarweb.com www.similarweb.com — Cisco Umbrella Rank: 222175	101 KB
1	rusticotv.com www.rusticotv.com	13 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	20 B
1	gekeebsirs.com gekeebsirs.com — Cisco Umbrella Rank: 189361	30 KB
1	alwaysdomain02.online alwaysdomain02.online	1 MB
0	boataushaus.net Failed boataushaus.net Failed
48	10

	Domain	Requested by
24	www.google.com	alwaysdomain02.online www.google.com
10	cdn.jsdelivr.net	alwaysdomain02.online
2	ogads-pa.googleapis.com	www.gstatic.com
2	www.gstatic.com	www.google.com
2	fonts.gstatic.com	www.google.com
1	play.google.com	www.gstatic.com
1	www.similarweb.com	alwaysdomain02.online
1	www.rusticotv.com	alwaysdomain02.online
1	www.googleadservices.com	www.google.com
1	ajax.googleapis.com	alwaysdomain02.online
1	gekeebsirs.com	alwaysdomain02.online
1	alwaysdomain02.online
0	boataushaus.net Failed	gekeebsirs.com
48	13

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.google.ae
accounts.google.com
maps.google.com
policies.google.com
www.rusticotv.com
translate.google.com
rusticotv.com
www.similarweb.com
m.facebook.com
www.semrush.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
alwaysdomain02.online WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
gekeebsirs.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
rusticotv.com WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh
www.similarweb.com R11	`2024-09-04` - `2024-12-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/search?q=rusticotv.com
Frame ID: 9645158EC8682A812C9567758F375E96
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rusticotv.com - Google Search

Page URL History Show full URLs

http://alwaysdomain02.online/py/fox3.php HTTP 307
https://alwaysdomain02.online/py/fox3.php Page URL
https://www.google.com/search?q=rusticotv.com Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

98 %
HTTPS

82 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

2982 kB
Transfer

8207 kB
Size

6
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/websearch/answer/181196?hl=en-AE
Title: Accessibility help

Search URL Search Domain Scan URL

URL: https://www.google.ae/intl/en/about/products?tab=wh

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?hl=en&passive=true&continue=https://www.google.com/search%3Fq%3Drusticotv.com&ec=GAZAAQ
Title: Sign in

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?sca_esv=715a3438d9c7508a&output=search&q=rusticotv.com&source=lnms&fbs=AEQNm0CvspUPonaF8UH5s_LBD3JPsLt3iVi1ADG6L3-aaxxkBvONud3B_END6F_s_jMhjE1MsSZPfE0E0-txgE6pRBcAgRPNSzrQSSee6LtjoDPsDuFuxyRhcWc0c4BQXBj4XOoeHvbLJSRemh_I8Jy7P8pXUBCLrIHPccA_bjC_Hp2TJ-Qi4dRrFk4YC9SGmk7WeiXwRHWwnphYKVBz7gRRAgIpNG5q-w&entry=mc&ved=1t:200715&ictx=111
Title: Maps

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/?p=dsrp_search_hc&hl=en-AE
Title: Help

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-AE&fg=1
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en-AE&fg=1
Title: Terms

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/answer/510?hl=en-AE&prev=https://www.google.com/search?q%3Drusticotv.com%26sssc%3D1
Title: More about SafeSearch

Search URL Search Domain Scan URL

URL: https://www.rusticotv.com/
Title: Rustico TV - Futbol en Maxima CalidadRustico TVhttps://www.rusticotv.com

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=es&u=https://www.rusticotv.com/&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://rusticotv.com/en-vivo/granhermano.html
Title: Redirección

Search URL Search Domain Scan URL

URL: https://rusticotv.com/agenda-disney-solo-pc.html
Title: Elige el evento

Search URL Search Domain Scan URL

URL: https://www.rusticotv.com/en-vivo/goltv.html
Title: GOL TV En Vivo

Search URL Search Domain Scan URL

URL: https://www.rusticotv.com/star.html
Title: Star +

Search URL Search Domain Scan URL

URL: https://rusticotv.com/tv/
Title: Canal

Search URL Search Domain Scan URL

URL: https://www.similarweb.com/website/rusticotv.com/competitors/
Title: rusticotv.com Competitors - Top Sites Like ...Similarwebhttps://www.similarweb.com › co...

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?hl=en&sl=es&u=https://www.similarweb.com/website/rusticotv.com/competitors/&prev=search&pto=aue
Title: Translate this page

Search URL Search Domain Scan URL

URL: https://m.facebook.com/rusticotv.org
Title: What is Rusticotv.orgFacebook · What is Rusticotv.org2 followers

Search URL Search Domain Scan URL

URL: https://www.semrush.com/website/rusticotv.com/overview/
Title: rusticotv.com September 2024 Traffic StatsSemrushhttps://www.semrush.com › rusticotv.com › overview

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rusticotvorg/
Title: Rusticotv.org (@rusticotvorg) • Instagram photos and videosInstagram · rusticotvorg3 followers

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@rusticotv7207
Title: Rustico TvYouTube · Rustico Tv560+ followers

Search URL Search Domain Scan URL

URL: https://www.similarweb.com/website/rusticotv.com/
Title: rusticotv.com Website Analysis for September 2024Similarwebhttps://www.similarweb.com › website › rusticotv

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/?p=ws_results_help&hl=en-AE&fg=1
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alwaysdomain02.online/py/fox3.php HTTP 307
https://alwaysdomain02.online/py/fox3.php Page URL
https://www.google.com/search?q=rusticotv.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://alwaysdomain02.online/py/fox3.php HTTP 307
https://alwaysdomain02.online/py/fox3.php

48 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

fox3.php Show response
alwaysdomain02.online/py/
Redirect Chain

http://alwaysdomain02.online/py/fox3.php
https://alwaysdomain02.online/py/fox3.php

4 MB
1 MB

367ms
230ms

Document
text/html

2606:4700:3037::6815:5984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alwaysdomain02.online/py/fox3.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61471c1fb7823a430734a88bdfd60c8575bf15af1a99dd98950a5123e46af5a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dff04099cdbcd26-LHR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 09 Nov 2024 16:00:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbEB8JOSo%2BgJmvcyCsY4S2p%2BYdWD8TLBFubGwc8mNP3iG6hSA2vPWJswn%2BCbbXuVf5HL1JnDP3XOPH%2FnTM0cZ024pcLPY6iahwL33NhSnVZ%2Bpq1PfwLyOVXSdhflcHPaP8OPsf%2FEfDwKW%2FZmUZk9RwySSCE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=48601&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4176&recv_bytes=4441&delivery_rate=320&cwnd=12000&unsent_bytes=0&cid=bd6376be8c52d01c&ts=271&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://alwaysdomain02.online/py/fox3.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 tag.min.js
gekeebsirs.com/ 70 KB
30 KB 281ms
42ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gekeebsirs.com/tag.min.js
Requested by: Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://alwaysdomain02.online/

Response headers

access-control-max-age: 86400
content-encoding: zstd
cf-cache-status: HIT
age: 42353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1piKM9pX50E13OSeQPGvlAzstG%2FhdSys2AtZjqJGvCiLadgsezuAyGDVGspvFQJeFb0X8O68lVH3hhzKSxg8O444ScbOrU%2BSAzE%2FEnj0Ge190A5ZtpHxcwfjMYtWYKbtkg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 10 Nov 2024 04:14:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26712&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4286&delivery_rate=104671&cwnd=12000&unsent_bytes=0&cid=138e326413624b49&ts=177&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 09 Nov 2024 04:10:45 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cache-control: max-age=86400
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 55e51338f1f9413734db07b53a634170
cf-ray: 8dff04127ceb772f-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 console-ban.min.js
cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/ 2 KB
1 KB 199ms
60ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
age: 8022627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BtpdeT4V%2BDOnScmmjgqutLR%2Bf5Tesm8nFXYCXPbq4w%2B92sl4JPqs4PwOPMgFn%2FOcb3YsKynrIAx1zLI2TY5D3hXNHpdOfyJ4f1ysZ8YgtxAMMui8geH7PEmA2o4X3UNYNW5%2FbyHXpnUPVI9l00%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220103-FRA, cache-lga21967-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e38cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1082
server: cloudflare
x-jsd-version: 4.1.0

GET
H2 200 clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/ 456 KB
128 KB 195ms
76ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"72005-xDPIgqHJfOeFuHY26QsUErnjK9w"
age: 1890428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJ0r69g7vjubBj9G%2BqrZ4rgNq5ADs0grVNCCHmUqaHNHHlD%2BR7zAVGdcTukQu4r8R4hz7PX%2Bgz5w7eO2krp85nTB9gOf%2FLPgs2HT%2FfRqUXq%2BbDuRxScnqbAn7G3ye2BvP8IFWlwi6QZicS624sY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230024-FRA, cache-lga21953-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e3ecd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130412
server: cloudflare
x-jsd-version: 0.4.0

GET
H2 200 mux.min.js
cdn.jsdelivr.net/npm/mux.js@5.6.7/dist/ 102 KB
30 KB 180ms
62ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mux.js@5.6.7/dist/mux.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"198fc-Kvx3Hfve5wXWTGNZN543LNwJ0Ds"
age: 16166415
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH%2FsmHDZ4r37sI2urhc60%2BVNEbjaAx4UahokGoXqNJWlNIjwA59FiSsjZHAle8apoQ3bxD8lfJWHg%2BlMnuw29qjO8IF9x7W1n%2Br15G2Lj3aHeDv22rgWVQO4U8A3jNAvf9QpIjhcZCabyHxmP3A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220082-FRA, cache-lga21925-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e42cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30522
server: cloudflare
x-jsd-version: 5.6.7

GET
H2 200 level-selector.min.js
cdn.jsdelivr.net/npm/level-selector@latest/dist/ 28 KB
10 KB 241ms
124ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/level-selector@latest/dist/level-selector.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
age: 30176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8DQ5aDmiXutmEQ0vE1la0a4Efd1Z%2FcDYTJXUjlGRLDI08SwO7FAygMAHbnd2e7%2FLqt%2BD%2FkCzlEnSCP2h%2Biez3woCOecaRpQ22nGLWaM4Be%2BsCMXi168kmVqYD2P3V4Td9NaPtqpjAORXLh8wNg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230022-FRA, cache-lga21953-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e45cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10069
server: cloudflare
x-jsd-version: 0.2.0

GET
H2 200 clappr-chromecast-plugin.min.js
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ 25 KB
8 KB 177ms
60ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
age: 18656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BRV%2FtZm%2FBOwWTazq3rxhcer%2BYfGR13vxtkgQP%2FwOa1hM5b99tpLGFynmARNdPMYvZgq6bARkKL%2FZozoVktdZxsNi%2BiWEsTaN%2Fa9BR7ppI5rt9T8CnBTV3bTYqzkw9KyZe0jRiuFzStPcApwQG4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220139-FRA, cache-lga21969-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e47cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7330
server: cloudflare
x-jsd-version: 0.1.1

GET
H2 200 clappr-pip.min.js
cdn.jsdelivr.net/npm/clappr-pip@latest/dist/ 17 KB
5 KB 179ms
61ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-pip@latest/dist/clappr-pip.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"43c1-RKo6NIC/4FKt/YuAARBvjBUlpX0"
age: 20619
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ogoh%2B26etO024ZEsWOwchd5FnzetyNSV5evcEUrmcFtvW3RhidE7fQTfczs3W%2Fz8RIzW6s%2Fa3BLK33Qc2wyQR%2B5DaliNThdLegAr66QvuiqM%2FWp0oXJ5KFxqbkadgMdDfGvFMIYrGtGcRCaMlg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230120-FRA, cache-lga21949-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e49cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4866
server: cloudflare
x-jsd-version: 0.2.0

GET
H2 200 clappr-playback-rate-plugin.min.js
cdn.jsdelivr.net/npm/clappr-playback-rate-plugin@latest/dist/ 8 KB
3 KB 242ms
124ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-playback-rate-plugin@latest/dist/clappr-playback-rate-plugin.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"1e04-jwf7nsEAT236Ef6HQZnT2bNrC6M"
age: 16264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FQe0Y74DWrBMzjBDNiLjOWwuOTROGrRFgUxzzeJViLLwtxeBLDgGwUTkI%2B2vB9yQvehHJwmtvMgTVTlWpRLa97kCpxTkzaBHDpyzI4rss1fVd5P6fWeWzeHXlrEOcGVbRWhTMDYRfLDd9SGiV8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230111-FRA, cache-lga21921-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e4acd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2874
server: cloudflare
x-jsd-version: 0.3.2

GET
H2 200 shaka-player.compiled.min.js
cdn.jsdelivr.net/npm/shaka-player@2.5.10/dist/ 287 KB
93 KB 221ms
104ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/shaka-player@2.5.10/dist/shaka-player.compiled.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"47d43-FuRtb8s/HcGC16MbDKGb1TWZRJA"
age: 10630187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XShlG2O6AQXk8%2BirgdZuyVGOQCveLmIHtrzRDJW%2BpG3EIEq1LdSk23Vmpa4PymEq493xshDoZjPcFwVtlIEjsa9fh1FMoRFjoOz%2FuQ66w18hXUiODfAGY4N%2BifJy4Uu8y38gwRdX93cOxSQzRpc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230067-FRA, cache-lga21977-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e4dcd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 94225
server: cloudflare
x-jsd-version: 2.5.10

GET
H2 200 dash-shaka-playback.external.min.js
cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/ 13 KB
4 KB 242ms
125ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/dash-shaka-playback.external.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"3519-MhxSRVDg1eUh+wXqnCtO6B7clfg"
age: 9056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3rePNUamF4WnOiQMTeC9ct5w7rEu3QC0vCFF4uWXE%2F8k%2FWU0RAWtOLAbBeB0uIIb6Kb%2Fi8qhn460xowef%2BmiHQZr6jiCYAq6G9xC5WASj%2FDgFycN6X%2FJgbRU%2Bt2fl6y7d9S60hXwiaKZ91AIUc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220097-FRA, cache-lga21975-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e52cd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3952
server: cloudflare
x-jsd-version: 2.3.6

GET
H2 200 cdnbye-shaka@latest
cdn.jsdelivr.net/npm/ 262 KB
78 KB 239ms
122ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye-shaka@latest

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"418b2-tF0UKw0QrPSUMEjHd0KRSd6JeN0"
age: 9056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcmkze44hOb%2F2aJgqoy7gXkLAZBRydiuBz9sP6sX1psqufGNZVOAqOYYr19TFL3k948RxdHP31XHGI4cQ55AStPnEeNA6wNEaQfMtvfw2XAYoW84nFWYBXvq10AyzEwZ1lxDoai%2FFvedOPrZXQ4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 16:00:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230084-FRA, cache-lga21946-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dff04129e4ecd67-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79228
server: cloudflare
x-jsd-version: 0.5.13

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ 95 KB
34 KB 175ms
40ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://alwaysdomain02.online/

Response headers

content-encoding: gzip
age: 261020
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:30:08 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34044
x-xss-protection: 0
server: sffe

GET
H3 200 Primary Request search Show response
www.google.com/ 291 KB
75 KB 217ms
72ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/search?q=rusticotv.com

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

05f0e4bcb272bfaeca6718b9281bc190f3f8e1ba47d72acb5e926e9167fe2608

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-hesCr8N4dzVH6NlAkUOoQA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://alwaysdomain02.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-Prefers-Color-Scheme Sec-CH-UA-Form-Factors Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hesCr8N4dzVH6NlAkUOoQA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sat, 09 Nov 2024 16:00:28 GMT
expires: -1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET /
boataushaus.net/5/8424092/ 0
0

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
24 KB 148ms
39ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.google.com
Referer: https://www.google.com/

Response headers

age: 378090
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 06:58:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:58:59 GMT
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24652
x-xss-protection: 0
server: sffe

GET
H3 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
682 B 47ms
46ms Image
image/webp 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/search?q=rusticotv.com

Response headers

cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 16:00:28 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 660
date: Sat, 09 Nov 2024 16:00:28 GMT
x-xss-protection: 0
content-type: image/webp
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe

GET
H3 204 /
www.googleadservices.com/pagead/conversion/16521530460/ 0
20 B 235ms
53ms Image
text/css 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/conversion/16521530460/?gad_source=1&adview_type=1&adview_query_id=CLjjn7vPz4kDFcyAgwcdbbUM-Q

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/css; charset=UTF-8
server: cafe

GET
H3 204 /
www.google.com/pagead/1p-conversion/16521530460/ 0
20 B 69ms
68ms Image
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=4&adview_query_id=CLjjn7vPz4kDFcyAgwcdbbUM-Q

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/css; charset=UTF-8
server: cafe

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6b8bb669229eb8d860142a3671219ad3f2c7699a361fedf80778b38f67df95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731bd03f30b94c37c26b8576b836979754a952a4c57f5d2b9d5ab490b93a01a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7228e8de3117faabc74ea67345a760ea32b489d5b3d21c0991606e3ce6236e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc76c25a3f75fbcbf0c32eeb4b010e30777a1b0f18028da360789b0ec4e2ece8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 340 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9119ea0a71f813f547c680fa6f9bd9f91012c3bf81e19c961a7c11fc65152e7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ace9d9374645bc64d215be46c60098ab95f6901510578c8dbe68e50078ce88a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7a0b5a702d1d5421266d50fd5b71d316e9ba95c5f156c9cbc3371c2c1e116a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

Content-Type: image/png

GET
H3 200 nav_logo321.webp
www.google.com/images/ 5 KB
5 KB 49ms
49ms Image
image/webp 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/nav_logo321.webp

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460997174b5c47f2245acb674bd5b1d0092272c4698ae83e504fc8cf06e1260b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/search?q=rusticotv.com

Response headers

cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 16:00:29 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 5494
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: image/webp
last-modified: Fri, 23 Aug 2024 07:30:00 GMT
server: sffe

POST
H3 204 gen_204
www.google.com/ 0
17 B 49ms
48ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=web&t=aft&atyp=csi&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&rt=wsrt.220,aft.229,afts.229,frts.226,frvt.226,hst.28,prt.236,sct.200&frtp=773&imn=7&ima=0&imad=0&imac=4&wh=1200&aft=1&aftp=1373&opi=89978449&dt=&ts=300

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-L--xyS9xDqA_pXrU0qDQhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-L--xyS9xDqA_pXrU0qDQhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 m=attn,cdos,gwc,hsm,jsa,kY0M7,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi
www.google.com/xjs/_/ss/k=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIAIAAAAAQAAxAsAANgAAAIAAD4AAEcFAAwAAAAAgABIAAAAAAAAEACgQAAAIAQAAAAACAQAAAQAAEIABAI... 6 KB
2 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/ss/k=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIAIAAAAAQAAxAsAANgAAAIAAD4AAEcFAAwAAAAAgABIAAAAAAAAEACgQAAAIAQAAAAACAQAAAQAAEIABAIAKAQAAAAABgAABgAAAABACCAAgAAGQAECkIAAUBBAPyoIACAAMAAAgCAgHMAwAKECAANwBAAAAAAAAAAAAEAAEAIAAMCAAgAggAAAPQAEgAUAQDIQAQCCgIEAigAgAAAACAAAAAAEQCAAACImAI6AAQgAAAAAAAAAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAAAAAAAAAAAAAAAAAAAAIA/d=1/ed=1/br=1/rs=ACT90oEbCZfBgWEPbZUE_cvnbafwBLyVIg/m=attn,cdos,gwc,hsm,jsa,kY0M7,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9483b5464e6543408832d2cbab65c805050adc758e4ec07db9e39568d0c54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 16:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Sat, 09 Nov 2024 00:15:10 GMT
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 2327
x-xss-protection: 0
server: sffe

GET
H3 200 rs=AA2YrTtIXyKzezqtPm3BaMoLuyoFWUr_Tg Show response
www.gstatic.com/og/_/js/k=og.asy.en_US.nFQCVW2sook.2019.O/rt=j/m=_ac,_awd,ada,lldp,qads/exm=/d=1/ed=1/ 200 KB
73 KB 165ms
43ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.asy.en_US.nFQCVW2sook.2019.O/rt=j/m=_ac,_awd,ada,lldp,qads/exm=/d=1/ed=1/rs=AA2YrTtIXyKzezqtPm3BaMoLuyoFWUr_Tg

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e686438513cf16b713d6164722bce9eaad9a8ef430dacb8fff7a9232003282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 293907
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 06:22:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 06:22:02 GMT
last-modified: Mon, 04 Nov 2024 02:27:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges: bytes
content-length: 74297
x-xss-protection: 0
server: sffe

GET
H3 200 rs=AA2YrTsCy2AYw7y470HB1cYPF_znp471VA
www.gstatic.com/og/_/ss/k=og.asy.nOQ4i3E-eqE.L.W.O/m=ll_tdm,adcgm3,ll_fw/excm=/d=1/ed=1/ct=zgms/ 6 KB
1 KB 161ms
42ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.asy.nOQ4i3E-eqE.L.W.O/m=ll_tdm,adcgm3,ll_fw/excm=/d=1/ed=1/ct=zgms/rs=AA2YrTsCy2AYw7y470HB1cYPF_znp471VA

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce935d097b4959a10ef7b1fe8e25b2a68e14c0d7f1bdad27f89661baa3325cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 226133
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 01:11:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 01:11:36 GMT
last-modified: Fri, 01 Nov 2024 01:31:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges: bytes
content-length: 1414
x-xss-protection: 0
server: sffe

GET
H3 200 m=attn,cdos,gwc,hsm,jsa,kY0M7,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi Show response
www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAE... 1 MB
487 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAEGAAAAAgQATQ7z8BAAAAAAAAAACACAAkAAAAAOACAIAAUBAAAAKAAAAAMAAAACAAAAAAAIACAAABAAAAAAAIAAAAAAAAAAAAAEAA0A8AAAAAAAAAAAAAABAAAAAAAMAACgAE8AMAAAAAAAAAAAAABAEAAI6AAQiAAAAAAAAA9wHA4wHhkMICAAAAAAAAAAAAAAAAAUgQzAHpLwgAAQAAAAAAAAAAAAAAAAAAKYImLjcAIA/d=1/ed=1/dg=3/br=1/rs=ACT90oElns0DV8lkW8eqVEj77OxIFv2ZoQ/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;FqHJkd:yQamIb;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IZrNqe:P8ha2c;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UVzb9c:IvPZ6d;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;Zen4yb:jMF88c;ZlOOMb:P0I0Ec;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;flqRgb:ox2Q7c;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;mWzs9c:fz5ukf;mzW4Id:nYdusb;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;oVHXxc:HODIOb;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:ww04Df;qGV2uc:HHi04c;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;ropkZ:UT1DG;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tGdRVe:CS1mob;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uknmt:GkPrzb;uuQkY:u2V3ud;vEYCNb:FaqsVd;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;xBbsrc:NEW1Qc;xbe2wc:wbTLEd;xtZeyf:ax1MVb;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=attn,cdos,gwc,hsm,jsa,kY0M7,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc19aa11d99062b37da7c6e64026de7e948848f4d624fb77e9ed7c880d994f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
age: 38301
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 05:22:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:22:08 GMT
last-modified: Sat, 09 Nov 2024 04:16:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 498372
x-xss-protection: 0
server: sffe

GET
H2 200 /
www.rusticotv.com/ 0
13 KB 440ms
99ms Prefetch
text/html 2001:4860:4802:34::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rusticotv.com/
Requested by: Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::9d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Purpose: prefetch
Referer: https://www.google.com/
Sec-Purpose: prefetch;anonymous-client-ip
Upgrade-Insecure-Requests: 1
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dff04190ac2b7b5-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Nov 2024 16:00:29 GMT
last-modified: Tue, 05 Nov 2024 23:43:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyOG4I3UsDIrVGABGF1hEVsICkh3p9dmdcJgTVc1XnZRSKIXujKr4fxj1oVOj6I6hDKyf8boZxTXocj0xP9BzFB1v%2FvwlPO%2BPr7LTX6UFeF1ZNzDRPOU0AevxF91k0Nkzg4NG4wkODT%2B89qNwmpwmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=4702&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4010&recv_bytes=2429&delivery_rate=1000247&cwnd=254&unsent_bytes=0&cid=0948782d34a2af40&ts=156&x=0"
vary: Accept-Encoding

POST
H2 200 GetAsyncData Show response
ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/ 53 B
241 B 66ms
61ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.asy.en_US.nFQCVW2sook.2019.O/rt=j/m=_ac,_awd,ada,lldp,qads/exm=/d=1/ed=1/rs=AA2YrTtIXyKzezqtPm3BaMoLuyoFWUr_Tg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b4b20e1fa834bf64509e94dd18eca0865abc217fcb62e769d6b6002084236a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
server-timing: gfet4t7; dur=13
content-length: 30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 GetAsyncData
ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/ 0
0 320ms
117ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.google.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 09 Nov 2024 16:00:29 GMT
server: ESF
server-timing: gfet4t7; dur=7
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 742 B
465 B 116ms
115ms Image
image/svg+xml 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 258004
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 16:20:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 16:20:25 GMT
last-modified: Wed, 20 Apr 2022 17:17:30 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 438
x-xss-protection: 0
server: sffe

POST
H3 204 gen_204
www.google.com/ 0
17 B 51ms
50ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=csi&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&s=web&t=all&frtp=773&imn=7&ima=0&imad=0&imac=4&wh=1200&aft=1&aftp=1373&adh=tv.6,t.6&cls=0.0001340390625&ime=0&imex=0&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&imeeb=0&scp=0&fld=1373&cb=76827&ucb=298222&ts=77127&dt=&mem=ujhs.12,tjhs.16,jhsl.4295,dm.8&nv=ne.1,feid.46ba6efd-115b-47a4-84d1-92d6d4716040&net=dl.10000,ect.4g,rtt.100,sd.0&hp=&sys=hc.12&p=bs.false&rt=hst.28,sct.200,frts.226,frvt.226,prt.236,afts.229,aft.229,aftqf.241,xjspls.319,xjsls.319,dcl.451,xjses.570,xjsee.654,xjs.654,lcp.263,fcp.82,wsrt.220,cst.144,dnst.0,rqst.351,rspt.280,sslt.144,rqstt.149,unt.4,cstt.5,dit.671&zx=1731168029503&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAEGAAAAAgQATQ7z8BAAAAAAAAAACACAAkAAAAAOACAIAAUBAAAAKAAAAAMAAAACAAAAAAAIACAAABAAAAAAAIAAAAAAAAAAAAAEAA0A8AAAAAAAAAAAAAABAAAAAAAMAACgAE8AMAAAAAAAAAAAAABAEAAI6AAQiAAAAAAAAA9wHA4wHhkMICAAAAAAAAAAAAAAAAAUgQzAHpLwgAAQAAAAAAAAAAAAAAAAAAKYImLjcAIA/d=1/ed=1/dg=3/br=1/rs=ACT90oElns0DV8lkW8eqVEj77OxIFv2ZoQ/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;FqHJkd:yQamIb;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IZrNqe:P8ha2c;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UVzb9c:IvPZ6d;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;Zen4yb:jMF88c;ZlOOMb:P0I0Ec;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;flqRgb:ox2Q7c;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;mWzs9c:fz5ukf;mzW4Id:nYdusb;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;oVHXxc:HODIOb;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:ww04Df;qGV2uc:HHi04c;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;ropkZ:UT1DG;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tGdRVe:CS1mob;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uknmt:GkPrzb;uuQkY:u2V3ud;vEYCNb:FaqsVd;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;xBbsrc:NEW1Qc;xbe2wc:wbTLEd;xtZeyf:ax1MVb;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=attn,cdos,gwc,hsm,jsa,kY0M7,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-rE45pX0nywA5hs-5Sn_hZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-rE45pX0nywA5hs-5Sn_hZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 search Show response
www.google.com/complete/ 35 KB
25 KB 99ms
98ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/complete/search?q&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=2&hl=en-AE&authuser=0&psi=HIcvZ4-UMO6Ti-gP78qy-Qw.1731168029593&dpr=1&nolsbt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8f49c694c9c835e3cb35757beee82183dcefe72d8f868c22c91a62fa89a68549

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-TYredPKZyLO4EGCeOos5Xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 16:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TYredPKZyLO4EGCeOos5Xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
accept-ch: Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy: unload=()
x-xss-protection: 0
server: gws

GET
H3 200 search Show response
www.google.com/complete/ 276 B
184 B 93ms
93ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/complete/search?q=rusticotv.com&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=3&hl=en-AE&authuser=0&pq=rusticotv.com&psi=HIcvZ4-UMO6Ti-gP78qy-Qw.1731168029593&dpr=1&ofp=EAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

15a13a93cb05b9fbc245607d34bc466bb4d34e5ce6956404489d55686497b520

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce--QN459rCIkle1jgyjRgr6Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 16:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce--QN459rCIkle1jgyjRgr6Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
accept-ch: Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy: unload=()
x-xss-protection: 0
server: gws

GET
H3 200 m=UMk45c,bplExb,nMfLA,O19q8,xMHx5e,R6UkWb,tW711b,UX8qee,tDA9G,sy372,sy36z,sy36y,sy36x,syz2,syz3,syz1,sy1jr,syzf,syz0,syze,sy2ut,sy2uu,sy2uv,sy1jt,sy1jp,sy1jq,sy3yc,sy3yb,sy36v,sy1jn,sy1d6,sy1bj,sy1... Show response
www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/ck=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIIoICAAAQAAxCsAANgAAAIAAD4AAEcFAAwAABAQgEBIAACAA... 427 KB
142 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/ck=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIIoICAAAQAAxCsAANgAAAIAAD4AAEcFAAwAABAQgEBIAACAAAAAEACwQAAAIQZAAAEAiAQAAAQAEGIABAIgaATQ7z8BBgAABgAAAADACCAkgAAGQOECkIAAUBBAPyqIACAAMAAAgCAgHMAwAKECAANxBAAAAAAIAAAAAEAAEAIAAMCA0g8ggAAAPQAEgAUAQDIQAQCCgMEAigAk8AMACAAAAAAEQCAABCMmAI6AAQiAAAAAAAAA9wHA4wHhkMICAAAAAAAAAAAAAAAAAUgQzAHpLwgAAQAAAAAAAAAAAAAAAAAAKYImLjcAIA/d=0/dg=0/br=1/ujg=1/rs=ACT90oG7nJ8TFDhhqap6lg7sRLMQwFQ5SQ/m=UMk45c,bplExb,nMfLA,O19q8,xMHx5e,R6UkWb,tW711b,UX8qee,tDA9G,sy372,sy36z,sy36y,sy36x,syz2,syz3,syz1,sy1jr,syzf,syz0,syze,sy2ut,sy2uu,sy2uv,sy1jt,sy1jp,sy1jq,sy3yc,sy3yb,sy36v,sy1jn,sy1d6,sy1bj,sy1bb,sy1bk,sy1bh,sy1bf,sy2uw,sy1j6,sy1j1,sy1jk,sy1d5,Eox39d,sy5zw,sy2oj,sy2lh,tIj4fb,sy3vk,sy1dj,sy1di,w4UyN,sy8w,sygs,sygp,sygq,sygo,syh0,sygy,sygx,sygw,sygt,sygn,syd5,syd6,sycc,sycd,syaq,syal,syct,sycu,sybb,sybc,syb7,syb0,syb3,syb2,syaz,syay,syao,syaw,syb5,syba,syb8,syar,syap,syan,syaa,syad,sya7,syac,sya6,sya4,sycw,sycp,sycg,syck,sya9,sych,sybz,syc0,syc6,syc5,sybx,sybw,sybu,syby,sybr,sybq,syc4,syc1,sybp,sybo,sybn,sybk,sybl,sybm,sybh,sybg,sybi,syag,syc2,sygb,sygm,sygg,sygh,sy8r,sy8n,sy8q,sygd,sygj,sygc,syga,syg7,syg6,syg4,sy8u,uxMpU,syfz,syd9,syd3,syd4,sycx,syd7,syd0,syae,syaf,sybj,syd1,sycq,sy9f,sy9e,sy9d,Mlhmy,QGR0gd,aurFic,sy9o,fKUV3e,OTA3Ae,sy8y,OmgaI,EEDORb,PoEs9b,Pjplud,sy99,sy95,sy93,A1yn5d,YIZmRd,uY49fb,sy8l,sy8h,sy8i,sy8g,sy8e,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy3zd,sy3zc,sy3zb,sy3za,SJpD2c,sy5w2,sy1jh,sy1jg,sy1j0,sy1ji,sy1hi,sy1jf,sy134,sy12z,sy12s,sy12u,syt9,sytm,sy5w0,sy5vz,sy1o9,syu2,sytu,syts,sytg,sytr,sytj,syti,syth,syt2,syt0,sysu,sy1er,syyw,sy5w1,bEGPrc,sy1fj,sy5w5,sy5w4,mBG1hd,sy5w6,mscaJf,sy5wa,sGwFce,HxbScf,eAR4Hf,sy5wb,h3zgVb,lRePd,sy3z4,nN2e1e,sy5w7,sy5wc,IRJCef,sy5w9,sy5w8,scFHte,pr5okc,IFqxxc,sy3z5,OXpAmf,sy5wd,sy3vm,sy3vf,sy3ve,sy1jd,sy1jj,sy1je,sy1jb,sy1j8,sy1j7,sy1iz,sy1j9,sy1et,sy1eu,GElbSc,sy5wq,xdV1C,sy65e,HYSCof,sy6pm,sy3a0,sy1m3,sy1c6,KSk4yc,sy669,HqOUQc,sy1gk,EbPKJf,sy1fs,sy1fq,syia,sy1eb,CnSW2d,sy1gq,sy1gp,sy1gm,sy1ft,pFsdhd,sy38v,msmzHf,sy7r1,pHXghd?xjs=s3

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

384026e27cea4951ed0f3d2aaff4f46cd277c063f425881b6de4885df783af85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 16:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Sat, 09 Nov 2024 00:15:10 GMT
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 145835
x-xss-protection: 0
server: sffe

GET
H3 200 rs=ACT90oElns0DV8lkW8eqVEj77OxIFv2ZoQ Show response
www.google.com/xjs/_/js/md=2/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAA... 18 KB
2 KB 40ms
39ms Fetch
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/md=2/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAEGAAAAAgQATQ7z8BAAAAAAAAAACACAAkAAAAAOACAIAAUBAAAAKAAAAAMAAAACAAAAAAAIACAAABAAAAAAAIAAAAAAAAAAAAAEAA0A8AAAAAAAAAAAAAABAAAAAAAMAACgAE8AMAAAAAAAAAAAAABAEAAI6AAQiAAAAAAAAA9wHA4wHhkMICAAAAAAAAAAAAAAAAAUgQzAHpLwgAAQAAAAAAAAAAAAAAAAAAKYImLjcAIA/rs=ACT90oElns0DV8lkW8eqVEj77OxIFv2ZoQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f26149b6348a560968e0ddb7a14455eb68afd88e9ac10cd6352f5b004fdbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 39493
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 05:02:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:02:16 GMT
last-modified: Sat, 09 Nov 2024 04:16:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 1745
x-xss-protection: 0
server: sffe

GET
H3 204 client_204
www.google.com/ 0
18 B 50ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/client_204?atyp=i&biw=1600&bih=1200&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=rusticotv.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-mdGjUW8YVgRmkRdYB7Yn9g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-mdGjUW8YVgRmkRdYB7Yn9g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H2 200 /
www.similarweb.com/website/rusticotv.com/competitors/ 0
101 KB 752ms
330ms Prefetch
text/html 2001:4860:4802:34::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.similarweb.com/website/rusticotv.com/competitors/

Requested by

Host: alwaysdomain02.online
URL: https://alwaysdomain02.online/py/fox3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:4860:4802:34::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.salesforce.com https://.force.com https://*.similarweb.com

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Purpose: prefetch
Referer: https://www.google.com/
Sec-Purpose: prefetch;anonymous-client-ip
Upgrade-Insecure-Requests: 1
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-security-policy: frame-ancestors https://*.salesforce.com https://*.force.com https://*.similarweb.com
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 16:00:30 GMT
expires: Sat, 09 Nov 2024 16:00:30 GMT
pragma: no-cache
server-timing: edge; dur=24 origin; dur=234 cdn-cache; desc=MISS ak_p; desc="1731168030064_399604785_176574471_25790_16939_4_59_109";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,3mRUM,1

GET
H3 200 m=sy1d0,y05UD,sy4ra,sy19w,sy1t1,sy1ri,sypf,sy2e4,sy1pn,epYOx Show response
www.google.com/xjs/_/ss/k=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIAIAAAAAQAAxAsAANgAAAIAAD4AAEcFAAwAAAAAgABIAAAAAAAAEACgQAAAIAQAAAAACAQAAAQAAEIABAI... 7 KB
2 KB 47ms
46ms Fetch
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/ss/k=xjs.s.HjAETe5uZyc.L.B1.O/am=QOoAIAQAAIAAAEAEqAAgAAAAAAAAAAAAAAAAAAAAAAAASAAAAEAAAAAJAAAEAIAIAAAAAQAAxAsAANgAAAIAAD4AAEcFAAwAAAAAgABIAAAAAAAAEACgQAAAIAQAAAAACAQAAAQAAEIABAIAKAQAAAAABgAABgAAAABACCAAgAAGQAECkIAAUBBAPyoIACAAMAAAgCAgHMAwAKECAANwBAAAAAAAAAAAAEAAEAIAAMCAAgAggAAAPQAEgAUAQDIQAQCCgIEAigAgAAAACAAAAAAEQCAAACImAI6AAQgAAAAAAAAAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAAAAAAAAAAAAAAAAAAAAIA/d=0/br=1/rs=ACT90oEbCZfBgWEPbZUE_cvnbafwBLyVIg/m=sy1d0,y05UD,sy4ra,sy19w,sy1t1,sy1ri,sypf,sy2e4,sy1pn,epYOx?xjs=s4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb5707022c2a6121e307cd7d7f271c1e99ca85cc6d1bb39d3a41f1c5f3b70c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 16:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Sat, 09 Nov 2024 00:15:10 GMT
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 1920
x-xss-protection: 0
server: sffe

GET
H3 200 m=sb_wiz,aa,abd,sy2pt,async,sy13i,bgd,sy7y6,foot,sy1nu,kyn,sy1xt,sy2m7,lli,sf,syxy,syxz,sy4qp,sonic,TxCJfd,sy86i,qzxzOb,IsdWVc,sy86k,sy2r4,sy3d8,sy1md,sy1me,spch,tl,sy39d,sy39b,syy6,syy8,sy39c,syzl... Show response
www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAE... 282 KB
90 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c90cfd6ddfbe885a6c3d18ec0251891b64fc927941c7fa443784e7b8d3cd1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
age: 36489
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 05:52:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:52:20 GMT
last-modified: Sat, 09 Nov 2024 04:16:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 91677
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
www.google.com/ 0
23 B 48ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&zx=1731168029764&opi=89978449

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-PwgBdP2xCr_4UA8LO5LyRQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PwgBdP2xCr_4UA8LO5LyRQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:29 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 favicon.ico
www.google.com/ 5 KB
1 KB 38ms
38ms Other
image/x-icon 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 67
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 15:59:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 15:59:22 GMT
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=691200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1494
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy65r,sy3wf,DpX64d,uKlGbf,sy65s,EufiNb,sy1m2,P10Owf,sy1f5,sy1f2,gSZvdb,WlNQGd,sy3p0,sy3oz,nabPbb,sy5wn,sy5wm,sy17x,syzi,syzg,syzh,sy1gu,sy1gs,VD4Qme,syg0,BYwJlf,sy1d4,sy1d3,sy1cy,VEbNoe,sy7lg,sy2... Show response
www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAE... 67 KB
22 KB 234ms
231ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010e134f9cd709b4fa51dc4920cf6b471fd55caa1ebb4d12f47904365ec92424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
age: 38776
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 05:14:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:14:14 GMT
last-modified: Sat, 09 Nov 2024 04:16:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 22408
x-xss-protection: 0
server: sffe

GET
H3 200 bgasy Show response
www.google.com/async/ 8 KB
6 KB 252ms
251ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/async/bgasy?ei=HIcvZ4-UMO6Ti-gP78qy-Qw&opi=89978449&yv=3&cs=0&async=_fmt:jspb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c818c9009ce6ec3790e4f3bf2025dd438fe737f70f767419879c9538b389d5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-DoS-Behavior: Embed
Referer: https://www.google.com/
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: br
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 16:00:30 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
accept-ch: Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy: unload=()
content-length: 6230
x-xss-protection: 0
version: 693618659
server: gws

POST
H3 204 gen_204
www.google.com/ 0
24 B 232ms
232ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=i&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&dt19=2&prm23=0&zx=1731168029835&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-zzBs0dZOQ3OPVMFMC2D7gg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zzBs0dZOQ3OPVMFMC2D7gg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:30 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H3 204 client_204 Show response
www.google.com/ 0
29 B 242ms
242ms XHR
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/client_204?cs=1&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-wZY0lYy6hgBaSgsVZEwNyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wZY0lYy6hgBaSgsVZEwNyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 0
date: Sat, 09 Nov 2024 16:00:30 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

POST
H3 204 gen_204
www.google.com/ 0
24 B 224ms
224ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=i&ei=HIcvZ4-UMO6Ti-gP78qy-Qw&vet=12ahUKEwiPkpy7z8-JAxXuyQIHHW-lLM8QuqMJegQIBRAA..s&bl=uzrZ&s=web&lpl=CAUYATABOANiBwgBEP_EjXE&zx=1731168029853&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-L-o6CP9buAv7gkV44UW2WA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-L-o6CP9buAv7gkV44UW2WA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 09 Nov 2024 16:00:30 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 m=lOO0Vd,sy9a,P6sQOc Show response
www.google.com/xjs/_/js/k=xjs.s.en_GB.OwynHyDyFtQ.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAIoICAAAAAAACgAAAAAAAAAAAAAAAAAAAAAABAQgEBIAACAAAAAAACwAAAAIQZAAAEAgAAAAAAAE... 2 KB
814 B 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46d5a163a602de2c3ce9b72b949f7aa21000ba5f6c5bbf82d1e42339091064a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
age: 39430
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 05:03:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:03:20 GMT
last-modified: Sat, 09 Nov 2024 04:16:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="gws-team"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
accept-ranges: bytes
content-length: 784
x-xss-protection: 0
server: sffe

GET
H3 200 DSxXIf23gJJSExL3vTNCGWlMS8WoQLXexOxoqsoFECA.js Show response
www.google.com/js/bg/ 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/DSxXIf23gJJSExL3vTNCGWlMS8WoQLXexOxoqsoFECA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d2c5721fdb78092521312f7bd334219694c4bc5a840b5dec4ec68aaca051020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: br
age: 280923
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 09:58:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 09:58:27 GMT
last-modified: Tue, 05 Nov 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 7687
x-xss-protection: 0
server: sffe

POST
H2 200 log Show response
play.google.com/ 131 B
747 B 369ms
113ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.asy.en_US.nFQCVW2sook.2019.O/rt=j/m=_ac,_awd,ada,lldp,qads/exm=/d=1/ed=1/rs=AA2YrTtIXyKzezqtPm3BaMoLuyoFWUr_Tg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://www.google.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 09 Nov 2024 16:00:30 GMT
access-control-allow-origin: https://www.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Sat, 09 Nov 2024 16:00:30 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: boataushaus.net
URL: https://boataushaus.net/5/8424092/?oo=1&js_build=iclick-v1.991.4-auto&dmn=gekeebsirs.com&tt=2&ix=0&is_mobile=false

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-21 05:12:00	Name: AEC Value: AZ6Zc-WBlQS5Lbh18AMwZTjHtFyPTvwYTYj1DtKybzeWctnzmVc7ZBxgyAU
boataushaus.net/	1970-01-21 09:38:24	Name: OAID Value: 00810f07665c4e7fe1870ddac6136900
boataushaus.net/	1970-01-21 09:38:24	Name: oaidts Value: 1731168028
www.google.com/	1970-01-21 00:52:48	Name: DV Value: szc93J_Kj6QcoLzqnEwKQNDxlnwaMRk
.google.com/	1970-01-21 05:16:19	Name: NID Value: 518=LPQoidTu5Eg_pTGlxBML9_71Wc-B2sY4VLxqNhdOt99taHBmPShWGoJ7Q7g8VbMSNnyGQRqAlIM7qDuAfCfDsjUiGKPbee6nIbPNvUkiJ2lP6liWhosW_Qi0sNf2TfaN0j41i9q2rGUSdTpk5yho1a4Aezu_1MbaZAFAL13nXOY8yqj3W26KpyFP5MAD2LMr9H8edHfc2YTpYA
.google.com/	1970-01-21 10:22:34	Name: __Secure-ENID Value: 23.SE=i4r3pS7Szw2Cw5lWkejWlLW6ENDuzi9zZsKj_zcmLpWtWOL2CMj6kUENTEATBvh5-M4hiphaycSpI4Q_ZG19EH-MSJUJqCWfPZtD7vGlkZoVvZtS09GefMbcY4yUqgTunedfnSeR7U_LmnslMG7iB6ff1smG3cCaadmgttcCd4rb7MSNdshZWJZEU3_rsQ

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/mux.js@5.6.7/dist/mux.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/level-selector@latest/dist/level-selector.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/clappr-pip@latest/dist/clappr-pip.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/clappr-playback-rate-plugin@latest/dist/clappr-playback-rate-plugin.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/shaka-player@2.5.10/dist/shaka-player.compiled.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/dash-shaka-playback.external.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/cdnbye-shaka@latest, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alwaysdomain02.online/py/fox3.php(Line 171777) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alwaysdomain02.online
boataushaus.net
cdn.jsdelivr.net
fonts.gstatic.com
gekeebsirs.com
ogads-pa.googleapis.com
play.google.com
www.google.com
www.googleadservices.com
www.gstatic.com
www.rusticotv.com
www.similarweb.com
boataushaus.net
142.250.186.34
188.114.97.3
2001:4860:4802:34::9d
2606:4700:3037::6815:5984
2606:4700::6812:ba1f
2a00:1450:4001:800::200a
2a00:1450:4001:802::200e
2a00:1450:4001:809::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2003
010e134f9cd709b4fa51dc4920cf6b471fd55caa1ebb4d12f47904365ec92424
05f0e4bcb272bfaeca6718b9281bc190f3f8e1ba47d72acb5e926e9167fe2608
0c7a0b5a702d1d5421266d50fd5b71d316e9ba95c5f156c9cbc3371c2c1e116a
0c90cfd6ddfbe885a6c3d18ec0251891b64fc927941c7fa443784e7b8d3cd1c1
0d2c5721fdb78092521312f7bd334219694c4bc5a840b5dec4ec68aaca051020
15a13a93cb05b9fbc245607d34bc466bb4d34e5ce6956404489d55686497b520
1b6b8bb669229eb8d860142a3671219ad3f2c7699a361fedf80778b38f67df95
25f26149b6348a560968e0ddb7a14455eb68afd88e9ac10cd6352f5b004fdbbf
2b4b20e1fa834bf64509e94dd18eca0865abc217fcb62e769d6b6002084236a7
384026e27cea4951ed0f3d2aaff4f46cd277c063f425881b6de4885df783af85
460997174b5c47f2245acb674bd5b1d0092272c4698ae83e504fc8cf06e1260b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5ace9d9374645bc64d215be46c60098ab95f6901510578c8dbe68e50078ce88a
61471c1fb7823a430734a88bdfd60c8575bf15af1a99dd98950a5123e46af5a7
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
7228e8de3117faabc74ea67345a760ea32b489d5b3d21c0991606e3ce6236e49
731bd03f30b94c37c26b8576b836979754a952a4c57f5d2b9d5ab490b93a01a7
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
7ce935d097b4959a10ef7b1fe8e25b2a68e14c0d7f1bdad27f89661baa3325cb
8f49c694c9c835e3cb35757beee82183dcefe72d8f868c22c91a62fa89a68549
9119ea0a71f813f547c680fa6f9bd9f91012c3bf81e19c961a7c11fc65152e7d
a0e686438513cf16b713d6164722bce9eaad9a8ef430dacb8fff7a9232003282
c46d5a163a602de2c3ce9b72b949f7aa21000ba5f6c5bbf82d1e42339091064a
c818c9009ce6ec3790e4f3bf2025dd438fe737f70f767419879c9538b389d5e9
cc19aa11d99062b37da7c6e64026de7e948848f4d624fb77e9ed7c880d994f0d
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9483b5464e6543408832d2cbab65c805050adc758e4ec07db9e39568d0c54e
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
fb5707022c2a6121e307cd7d7f271c1e99ca85cc6d1bb39d3a41f1c5f3b70c62
fc76c25a3f75fbcbf0c32eeb4b010e30777a1b0f18028da360789b0ec4e2ece8

www.google.com Open in urlscan Pro 2a00:1450:4001:82a::2004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

82 %IPv6

10 Domains

13 Subdomains

12 IPs

3 Countries

2982 kBTransfer

8207 kBSize

6 Cookies

23 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.google.com Open in urlscan Pro
2a00:1450:4001:82a::2004 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

82 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

2982 kB
Transfer

8207 kB
Size

6
Cookies

48 HTTP transactions
7 data transactions