ipsw.me Open in urlscan Pro
104.26.8.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ipsw.me/
Effective URL:
https://ipsw.me/
Submission: On June 01 via api (June 1st 2024, 1:12:11 am UTC) from CA — Scanned from CA

Summary HTTP 57 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 57 HTTP transactions. The main IP is 104.26.8.156, located in and belongs to CLOUDFLARENET, US. The main domain is ipsw.me. The Cisco Umbrella rank of the primary domain is 583494.
TLS certificate: Issued by E1 on May 1st 2024. Valid for: 3 months.

This is the only time ipsw.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.26.8.156 104.26.8.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
2	142.251.167.139 142.251.167.139	15169 (GOOGLE) (GOOGLE)
2	64.233.180.113 64.233.180.113	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
10	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
13	172.253.115.113 172.253.115.113	15169 (GOOGLE) (GOOGLE)
2	142.251.167.132 142.251.167.132	15169 (GOOGLE) (GOOGLE)
1	142.251.163.104 142.251.163.104	15169 (GOOGLE) (GOOGLE)
57	13

15 104.26.8.156 (None, )

ASN13335 (CLOUDFLARENET, US)

ipsw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.180.113 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f113.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.253.115.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f113.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com analytics.google.com — Cisco Umbrella Rank: 154 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646 www.google.com — Cisco Umbrella Rank: 2	76 KB
15	ipsw.me ipsw.me — Cisco Umbrella Rank: 583494	384 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	248 B
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	300 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	173 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 10035	63 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
57	8

	Domain	Requested by
15	ipsw.me	ipsw.me static.cloudflareinsights.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	ipsw.me pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	ipsw.me www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.google.ca	ipsw.me
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	ipsw.me
57	12

This site contains links to these domains. Also see Links.

Domain
mas.to
reddit.com
twitter.com
ipswdownloads.docs.apiary.io
github.com
www.paypal.me
emperorservers.com

Subject Issuer	Validity	Valid
ipsw.me E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://ipsw.me/
Frame ID: D5CD88AB0383966ADCF61CF9BEF1CDCE
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 41FAFAB4141FE80A33C552B4FA6A9609
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1717204326&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fipsw.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326361&bpp=4&bdt=276&idt=320&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2327810109180&frm=20&pv=2&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=355
Frame ID: F144EB7E101E4D1A0DDC398505DE943F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204326&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326365&bpp=2&bdt=280&idt=378&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=386
Frame ID: B1C0B75BF916A33F312E3039CD5ED367
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204326&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326367&bpp=1&bdt=282&idt=391&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=393
Frame ID: F47FB09DF9EA97FD50FEDE7BE51CC057
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.4141838024~rp.4&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=149
Frame ID: 9C427EEB907E39625596045745912EF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=2827832974&pi=t.aa~a.3509212669~rp.4&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1489&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=3&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=154
Frame ID: 5AE59F6BD6163C048FE76E98858C836C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=2221415025&pi=t.aa~a.2406263953~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90%2C1200x90&nras=4&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=156
Frame ID: 1EBE92038B025CE10D5C8DD6CD5DB6FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=50&adk=1081326337&adf=3016456172&pi=t.aa~a.2227863559~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x50&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90%2C1200x90%2C1200x90&nras=5&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=159
Frame ID: 0528CE333CBF1A15ADBEBF8973769716
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 2061032E6B8D390178D1CEB339B4D5DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 50DB3F89DE665BA2D6244CCAD0C51EFD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A87CDABD31640D97C0C41BFCB429B3AA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97DCCF9C6177C51E4BBE26FE408F96B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download iOS Firmware for iPhone, iPad, iPod Touch, Apple Watch, Apple TV, HomePod and Vision Pro / IPSW Downloads

Page URL History Show full URLs

http://ipsw.me/ HTTP 307
https://ipsw.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

57
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

961 kB
Transfer

2497 kB
Size

44
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://mas.to/@iOSReleases
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://reddit.com/r/jailbreak
Title: r/jailbreak

Search URL Search Domain Scan URL

URL: https://twitter.com/iOSReleases
Title: Twitter

Search URL Search Domain Scan URL

URL: https://ipswdownloads.docs.apiary.io/
Title: IPSW Downloads API

Search URL Search Domain Scan URL

URL: https://github.com/cj123
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.paypal.me/seejy
Title: Donate via PayPal

Search URL Search Domain Scan URL

URL: https://emperorservers.com/?utm_source=ipsw-me&utm_medium=cpc&utm_campaign=ipsw-me
Title: Emperor Servers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ipsw.me/ HTTP 307
https://ipsw.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ipsw.me/
Redirect Chain

http://ipsw.me/
https://ipsw.me/

11 KB
3 KB

84ms
55ms

Document
text/html

104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9cc7e15328d071194bcd9a562ce2d80f36067fa9995605d24aeb7923170fb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-ray: 88cb555dcd773705-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Jun 2024 01:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5DOtLkIQ2UO9HX9rsmrd%2F5t0Bbvmt%2FpJJ%2BKaO9HyD497Ndrj0MigpwnJXOrtOq07Siq3XAFTvgFLjsJ7qSIFKv6mng3pQ4GvGr%2FoHK%2Ba8iql79Pk2GZe%2F8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Location: https://ipsw.me/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
ipsw.me/assets/ 453 KB
96 KB 46ms
45ms Stylesheet
text/css 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/assets/style.css

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c888b4f39efa3245048413cd215cb1774f4a027839d6845a30c835ef805748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pc6xvEuZC9GUhqwz1jWKLpo0%2F5ZrO17v501nSwzxGkpOj0MefCl%2BZG8YyqIDxhHKSSU8KDVbb0w7UBWCnHkLcZV77BbmkvZyXESRnY6Vjx5oWCEUhYodoOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 88cb555e2df83705-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
51 KB 196ms
117ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

e74b6aac999df90746472666470db99c878ca48048601d46887406e6df3e6df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52141
x-xss-protection: 0
server: cafe
etag: 17434825469533107432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 01 Jun 2024 01:12:06 GMT

GET
H3 200 ipsw_logo_200.png
ipsw.me/assets/brand/ 3 KB
3 KB 103ms
102ms Image
image/png 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/brand/ipsw_logo_200.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca20e54df61de2ae5e0ccca7ffabf674b569f4b169ab7444932f82f4257577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
age: 276361
cf-polished: origSize=3662
x-bz-content-sha1: 6b5adbbacd22009ffccdd34c6fea7508ff914d27
x-bz-file-id: 4_z510b31194ebe890c63c80e12_f104bee437d224d26_d20201216_m184842_c001_v0001150_t0026
x-bz-file-name: brand/ipsw_logo_200.png
alt-svc: h3=":443"; ma=86400
x-bz-info-src_last_modified_millis: 1608144510864
x-bz-upload-timestamp: 1608144522000
last-modified: Tue, 28 May 2024 20:26:05 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMAbIYetrEzSvTmwFMSuylH4dJ04wE%2BLR91kV4MccBoWIRY829%2BvDkq2wM9K4AsbcUZYctbqmF61EIDbJgxpndk6e7KT%2BXlBjmXINQCdBtoyYaM69D1kFxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 88cb555e2dfc3705-YYZ

GET
H3 200 iPhone16,2.png
ipsw.me/assets/devices/ 18 KB
18 KB 104ms
103ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/iPhone16,2.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c9cdefcc92e55c9695f7268a1985ddcdc4398de8445fbb5bb64faeb0dff765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276016
cf-polished: origFmt=png, origSize=24200
content-disposition: inline; filename="iPhone16,2.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 20:31:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBFxIBEUnrVt35YoJDHUku03DdDOMosG6IfzfA6oI9brpk0rgKjxJDaXaw%2Bzm9pVNo%2FSwcrDZYwv%2FW6vYmRNy71%2FQ%2F38sRQKJBfmi2B8lK6hF%2BlNolo8S6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555e2dff3705-YYZ

GET
H3 200 iPad14,6.png
ipsw.me/assets/devices/ 25 KB
25 KB 36ms
36ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/iPad14,6.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4791705da94e3d2e0055c5e3360427d6b89c46a0752761d21becd5b70698cae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275683
cf-polished: origFmt=png, origSize=32819
content-disposition: inline; filename="iPad14,6.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 20:37:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u8Z%2F424P%2Fm1B9OcY4CYCpMVCOV3lma1Nyj65caLawOyF2BosaeGPlZoa8lVMTR9mWtXd9L9cID0MOYFEr0G%2BgVHHZidg06lAxFv2ZJJkvaQFBDWKTpIyoNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555eeeda3705-YYZ

GET
H3 200 Mac14,10.png
ipsw.me/assets/devices/ 25 KB
25 KB 37ms
36ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/Mac14,10.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb6b44d81f719157a461be7665eaf4ba85b15ddfa06214730ef93b57f1106742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276016
cf-polished: origFmt=png, origSize=32457
content-disposition: inline; filename="Mac14,10.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 20:31:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhZ%2FG4Ace%2BFs%2FuUaiwKdgHz1FhE23Qy%2F2uPIJqGo84zDmLvZv8szg2b584dFzscNbanPo4srTO4KAewGzWDGp1kB1y8Yf9Tocl3cBmV%2BySuSrMhjDcYkiY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555eeedf3705-YYZ

GET
H3 200 RealityDevice14,1.png
ipsw.me/assets/devices/ 31 KB
31 KB 41ms
40ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/RealityDevice14,1.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced9cc9c9ff6e62944ef7ccc23ab27d0bf3f29d79de1f24682ffdbbfab3937d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96164
cf-polished: origFmt=png, origSize=40209
content-disposition: inline; filename="RealityDevice14,1.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 May 2024 22:29:22 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBBbfCOfILtOWMNgqtXZJaF2VV%2Bpf3dPEdbIW%2FPQhM9%2BFh1J1JiLL0WPNf6%2FwpHQiBq16QORj38ejvexRkpEPUCdX1UwpY1a9zulEeq90EDJpzxIRu%2B3qcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555f1f183705-YYZ

GET
H3 200 AppleTV6,2.png
ipsw.me/assets/devices/ 33 KB
33 KB 43ms
41ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/AppleTV6,2.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16acd4e244d331fa74466587a8f980e1d3ad80130c320347d9847437494e057

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180086
cf-polished: origFmt=png, origSize=41863
content-disposition: inline; filename="AppleTV6,2.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 May 2024 23:10:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQiCPUa1fSu2XlMkLI6%2FH%2FanZTqAAio1cYDvj8in%2Bj5FxSvxOBz%2BHtlPBQzXe2J5X3iuYA2joDcfZbZ4Jk%2FtmUNoH9q%2Fz%2BZabRVPa26cVY4raJ4V7Y5%2BC6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555f1f1c3705-YYZ

GET
H3 200 AudioAccessory5,1.png
ipsw.me/assets/devices/ 56 KB
56 KB 61ms
59ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/AudioAccessory5,1.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a25f35480b4b686fb2a562d5827cf40dc7bc3e62b651274d0e0a043a61508ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276016
cf-polished: origFmt=png, origSize=60652
content-disposition: inline; filename="AudioAccessory5,1.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 20:31:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1s6sbwx%2BOH65TeyiJW0hVdSTBmE4GZdCYfBgK5VlbA4poBPKN%2FdX4MG2YghMeysTVIWh9GZQZIdKE89ivrQMb1RUFgERkwu%2FYtt2MViPEOhaJr4v8fN%2F2go%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555f1f1e3705-YYZ

GET
H3 200 iPod9,1.png
ipsw.me/assets/devices/ 22 KB
23 KB 63ms
62ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/iPod9,1.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e144f3d017f6e29d6a311cbaa94743d8013b3cbac7571c2d02ad5e6cc4dd514

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180085
cf-polished: origFmt=png, origSize=31410
content-disposition: inline; filename="iPod9,1.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 May 2024 23:10:41 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sP1FeEb2Wx0s5wz%2Fj3sNrJAIrq0P%2FxhQT2tsqoOmdL7jwLKO%2Bf2SoK6SnzFUdN1ZsT%2FwOxmkwsMT0%2F4fywqoV6B858jUT%2Bg9k1qR8y2hpgEtf%2Bha9226EOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555f1f1f3705-YYZ

GET
H3 200 Watch5,4.png
ipsw.me/assets/devices/ 19 KB
20 KB 64ms
62ms Image
image/webp 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.me/assets/devices/Watch5,4.png

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2502fe8f6ea986c42799dd669acdb5a11da0818f9d109f5f36e3ab0e177e32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276016
cf-polished: origFmt=png, origSize=24609
content-disposition: inline; filename="Watch5,4.webp"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 20:31:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwbC2g69UNFU5pSdF4eunh2E%2F9rVMg8IRIMcqQikXRdLawomO3PPsPUwyLt52vLmhgkVY%2FwV1fOCy6CiHkt0gQYJPpx8ESxpQGqAeJueXIm6GOlIPK%2F1vO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
cf-ray: 88cb555f1f233705-YYZ

GET
H3 200 bootstrap.js Show response
ipsw.me/assets/ 147 KB
46 KB 66ms
64ms Script
text/javascript 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/assets/bootstrap.js

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8c8a6a149f603d660ab97ecf12175dc2b80006d8a74131502e461199d5a575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ouQa5anT0kXvr7dYZDYJPW8ueQQi7hAJN6o8yxdz2ngzSWpSV8U9QfJCiu55Lvd2oQwyrKjl3bJrhVYVD5vF%2BY1qFgGkuAtbYdIekaFQvlkuKRB9FehWd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800
cf-ray: 88cb555f1f243705-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 vef91dfe02fce4ee0ad053f6de4f175db1715022073587 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 102ms
57ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by: Host: ipsw.me
URL: https://ipsw.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Origin: https://ipsw.me
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.5.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88cb555f5c82ab3a-YYZ

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
75 KB 138ms
57ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3e7bfa2e9aaea3599c28b1176abd8e7c189a299fadf0ab35bce63a18d191b86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76494
x-xss-protection: 0
last-modified: Sat, 01 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Jun 2024 01:12:06 GMT

GET
H3 200 details.json Show response
ipsw.me/user/ 54 B
728 B 131ms
131ms XHR
application/json 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/user/details.json

Requested by

Host: ipsw.me
URL: https://ipsw.me/assets/bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aefe2b02848a3e751a416f329e050d5dd35903ced406d864869e4dbf423df8a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding, Cookie
x-frame-options: DENY
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OH7LhsBzV5MqGkgU6NF2b7yPJ%2B0oZS6djIzGX5zLJcbUlgmSXtuEFs6b17jdv%2B0E8IP%2FYcdiC5Nb40Doz52eKXk%2FFg7X58mmE8K59A5kn3JNROOvDRv4NbU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache
cf-ray: 88cb555fcfaf3705-YYZ

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/ 423 KB
143 KB 140ms
140ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

ea8bf97e63c45950c93d9bd28f5190787b01332d40955fce6baf8680dbb3ec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146573
x-xss-protection: 0
server: cafe
etag: 6824466714606388978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jun 2024 01:12:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
98 KB 56ms
55ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ad6488917991c47dd870cc8f714ec8de9a356f8b118abd432086a0f49bb75232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 01 Jun 2024 01:12:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 117ms
38ms Script
text/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRP7VV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jun 2024 00:03:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 01 Jun 2024 02:03:22 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 137ms
48ms Ping
text/plain 64.233.180.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FLTLWFSYM0&gtm=45je45t0v878488244z871548909za200zb71548909&_p=1717204326202&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2064548942.1717204327&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717204326&sct=1&seg=0&dl=https%3A%2F%2Fipsw.me%2F&dt=Download%20iOS%20Firmware%20for%20iPhone%2C%20iPad%2C%20iPod%20Touch%2C%20Apple%20Watch%2C%20Apple%20TV%2C%20HomePod%20and%20Vision%20Pro%20%2F%20IPSW%20Downloads&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=584
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.180.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: pe-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 133ms
45ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FLTLWFSYM0&cid=2064548942.1717204327&gtm=45je45t0v878488244z871548909za200zb71548909&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 145ms
102ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FLTLWFSYM0&cid=2064548942.1717204327&gtm=45je45t0v878488244z871548909za200zb71548909&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1643458887

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
202 B 46ms
45ms XHR
text/plain 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1607700266&t=pageview&_s=1&dl=https%3A%2F%2Fipsw.me%2F&ul=en-ca&de=UTF-8&dt=Download%20iOS%20Firmware%20for%20iPhone%2C%20iPad%2C%20iPod%20Touch%2C%20Apple%20Watch%2C%20Apple%20TV%2C%20HomePod%20and%20Vision%20Pro%20%2F%20IPSW%20Downloads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1970973442&gjid=350779772&cid=2064548942.1717204327&tid=UA-26022325-1&_gid=563501818.1717204327&_r=1&_slc=1&gtm=45He45t0n71PRP7VVv71548909za200&gcd=13l3l3l3l1&dma=0&z=637485821

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame 41FA 0
0 113ms
38ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 39004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 14:22:02 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 14:22:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 98ms
98ms Image
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20fixed-top%20navbar-dark%20bg-primary%20navbar-expand-lg&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ipsw.me
URL: https://ipsw.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F144 0
0 646ms
592ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1717204326&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fipsw.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326361&bpp=4&bdt=276&idt=320&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2327810109180&frm=20&pv=2&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 70098
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:07 GMT
expires: Sat, 01 Jun 2024 01:12:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame B1C0 0
0 597ms
577ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=683863926&pi=t.ma~as.3483797882&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204326&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326365&bpp=2&bdt=280&idt=378&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=386

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43989
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:07 GMT
expires: Sat, 01 Jun 2024 01:12:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F47F 0
0 640ms
628ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9421549393799412&output=html&h=280&slotname=3483797882&adk=199814935&adf=1706824535&pi=t.ma~as.3483797882&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204326&rafmt=1&format=1200x280&url=https%3A%2F%2Fipsw.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204326367&bpp=1&bdt=282&idt=391&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:07 GMT
expires: Sat, 01 Jun 2024 01:12:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/ 168 KB
56 KB 115ms
114ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/reactive_library_fy2021.js?bust=31084103

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

d3dd0d8065c290708e588c6675db7897b58e5fe4cf362aac2da25f24fe7f391d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: cafe
etag: 8510543797306538891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jun 2024 01:12:07 GMT

GET
H2 200 ca-pub-9421549393799412 Show response
fundingchoicesmessages.google.com/i/ 191 KB
64 KB 153ms
69ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9421549393799412?href=https%3A%2F%2Fipsw.me&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

1f6043b4b6017900d941b6b33463eb245e7047cb8e4636422cebab813f07ace7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KekBOIyA5QcgzfhNEE7K-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KekBOIyA5QcgzfhNEE7K-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0pBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmdSAOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAnPTvPGsBELd_vsA6FYiFeDiev3q5iU1gwv0LU5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAxMjQ30DMziCwwAoiI8XA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVP7T8KVQDfbu4AEam96VtqNMz1GlFueNOOV2PG613g3ztxAXNfNc3oUzhJ8kIZIYZGKZQm338R6i6EubUSAaCNoL1IhmfFOZV-qTxVw29nQ8ZXTuMFnIXb4_tn355CtSwFQWomzA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 65ms
64ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVP7T8KVQDfbu4AEam96VtqNMz1GlFueNOOV2PG613g3ztxAXNfNc3oUzhJ8kIZIYZGKZQm338R6i6EubUSAaCNoL1IhmfFOZV-qTxVw29nQ8ZXTuMFnIXb4_tn355CtSwFQWomzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3MjA0MzI3LDcyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pcHN3Lm1lLyIsbnVsbCxbWzgsIkNNVWFJNDlzdUFzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CMUaI49suAs.es5.O/am=AAM/d=1/rs=AJlcJMyQ3GRdqqfY2UW5LJrh3t_fjx9oFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

eff6d1cf14602d63758ee86426d17d1054a1a9973df6715b576c780a1b453b9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hm-hTd3_nJd9XHSTo8u-Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-hm-hTd3_nJd9XHSTo8u-Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OJ6_ermJTeDFg3kfmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEyNDfQMzOILDAAFODe-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9C42 0
0 381ms
380ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.4141838024~rp.4&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:08 GMT
expires: Sat, 01 Jun 2024 01:12:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5AE5 0
0 482ms
481ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=2827832974&pi=t.aa~a.3509212669~rp.4&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1489&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=3&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:08 GMT
expires: Sat, 01 Jun 2024 01:12:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1EBE 0
0 632ms
632ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=90&adk=4204718025&adf=2221415025&pi=t.aa~a.2406263953~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x90&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90%2C1200x90&nras=4&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28838
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:08 GMT
expires: Sat, 01 Jun 2024 01:12:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0528 0
0 378ms
378ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-9421549393799412&output=html&h=50&adk=1081326337&adf=3016456172&pi=t.aa~a.2227863559~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1717204327&rafmt=1&to=qs&pwprc=7165552369&format=1200x50&url=https%3A%2F%2Fipsw.me%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717204327575&bpp=1&bdt=1490&idt=-M&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1458ec7787b0a792%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw&gpic=UID%3D00000daeb6f07ade%3AT%3D1717204326%3ART%3D1717204326%3AS%3DALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ&eo_id_str=ID%3D33c3c780cd6ff024%3AT%3D1717204326%3ART%3D1717204326%3AS%3DAA-AfjYIoAdTnJJoJniChxmlGgMe&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90%2C1200x90%2C1200x90&nras=5&correlator=2327810109180&frm=20&pv=1&ga_vid=2064548942.1717204327&ga_sid=1717204327&ga_hid=1607700266&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31084103%2C95334156%2C95334312%2C31078668&oid=2&psts=AOrYGsmXs1spMPdMUqkDI0XKM9vZGTZlhgJRACaPzfG4n8odb8QSYRVq2dbDZXweuDj5Inl1bYMybn4Ap53xunjtp-55ng&pvsid=1739381456643699&tmod=941863895&uas=0&nvt=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:08 GMT
expires: Sat, 01 Jun 2024 01:12:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame 2061 0
0 0ms
0ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 39004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 14:22:02 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 14:22:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame 50DB 0
0 0ms
0ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 39004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 14:22:02 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 14:22:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 49ms
48ms Ping
text/plain 64.233.180.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FLTLWFSYM0&gtm=45je45t0v878488244za200zb71548909&_p=1717204326202&gcd=13l3l3l3l1&npa=0&dma=0&cid=2064548942.1717204327&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1717204326&sct=1&seg=0&dl=https%3A%2F%2Fipsw.me%2F&dt=Download%20iOS%20Firmware%20for%20iPhone%2C%20iPad%2C%20iPod%20Touch%2C%20Apple%20Watch%2C%20Apple%20TV%2C%20HomePod%20and%20Vision%20Pro%20%2F%20IPSW%20Downloads&en=ad_impression&ep.query_id=CNrfoc-cuYYDFeSppgQdF6QN6Q&_et=942&tfd=1824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLTLWFSYM0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.180.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: pe-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 01:12:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsw.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 generate Show response
fundingchoicesmessages.google.com/f/AGSKWxWhMeod5xqPGH5Dunmnd1XeBauNLSMrh-HekKkZXeKS9P8Al0y-RLGxkzkB9ZC2XRw0UlSbDcvxqNSRaLOcetfp7ERFveJD3Vv1eoahywXnAfef1I7ii7JFUAnd8grG04wLTK2q-00XpUraclWLACPvBgHte... 54 B
110 B 59ms
58ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhMeod5xqPGH5Dunmnd1XeBauNLSMrh-HekKkZXeKS9P8Al0y-RLGxkzkB9ZC2XRw0UlSbDcvxqNSRaLOcetfp7ERFveJD3Vv1eoahywXnAfef1I7ii7JFUAnd8grG04wLTK2q-00XpUraclWLACPvBgHteROOMQKLRwmLrP73iW-_K2rkrY7Jyl_w/_/picAd./adwriter2./abDetector.js/adsarticlescript./ad/generate?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CMUaI49suAs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwbYrwNqnXeuY0yANh_7auhRcMMsg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

938ac8fe0166815d5dbe9e8f9331a3e56b1a08225d8e76ea1da9086835b4f599

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l4LtT8pOTC6vtJU6HjS2ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l4LtT8pOTC6vtJU6HjS2ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OF68ermJTeDE1zMXGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEyNDfQMzOILDAAN_jfR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 38ms
38ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

42c17d22b22938a35c50a7cdd519fa30c6ab2683081455c6fee16de7dc263bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30743
x-xss-protection: 0
server: cafe
etag: 15537266040051062085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Jun 2024 02:09:44 GMT

POST
H3 204 AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 134ms
57ms XHR
text/html 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uWXTxwnrv3DvPOosUSTy6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-uWXTxwnrv3DvPOosUSTy6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw05BicEqfwRoCxEI8HC9evdzEJnBjc9d3RiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqbKBnYBZfYAAA-NUjYQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-px__ONWgpMqokROc_2h9nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-px__ONWgpMqokROc_2h9nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxEI8HC9evdzEJnDi29rvjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU2EDPwCy-wAAAFg0jww"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xhTIUV1EtUcpUOGebmef_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xhTIUV1EtUcpUOGebmef_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxEI8HC9evdzEJrDi1d9vjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU2EDPwCy-wAAAG50j2w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsw.me
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5HOGrYai57hDoUxk78JbFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-5HOGrYai57hDoUxk78JbFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxEI8HC9evdzEJjDjy7ZvjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU2EDPwCy-wAAABBIjig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVTXshMNGdMOoNc7EV1XuwOJ9Oersoq-waHAgzctVV8yAU6kb0FfCLlLbO8RYhfK6antX7yPZdY_j2x3JNSLgE3v0GPL948GjHg_R37VqjXCet3nt_Qw49-JmgsFugpcN63QneDtA== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 64ms
64ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVTXshMNGdMOoNc7EV1XuwOJ9Oersoq-waHAgzctVV8yAU6kb0FfCLlLbO8RYhfK6antX7yPZdY_j2x3JNSLgE3v0GPL948GjHg_R37VqjXCet3nt_Qw49-JmgsFugpcN63QneDtA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3MjA0MzI4LDQ1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXBzdy5tZS8iLG51bGwsW1s4LCJDTVVhSTQ5c3VBcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

f3f391805c575800257454484104b25fbee7935f099064e2873caa9b3727ae66

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ka6m3hHbEVWwv6SamRkKKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ka6m3hHbEVWwv6SamRkKKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1pBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmdSAOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAnPTvPGsBELd_vsA6FYiFeDhevHq5iU3gQ9_Pj4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgamxgZ6BmbxBQYAvM888Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HDCI_UQ4KO9Q0SwnvmraJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-HDCI_UQ4KO9Q0SwnvmraJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HC9evdzEJrDh-MJ-JiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqbKBnYBZfYAAA3xsjBA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUvOmSRAR42ZKeI1TqxgnC9iCuPdoOBIpmZhlVHVzKLaLoc6kju3LnOFAEYJPGDO6yPlNlCZEyB355atJaUHBwrwzMqTggLY0L4aDctj_Q9bbhp1tQ7sGk1B3fPGOjhvoW5fUShvg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
66ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUvOmSRAR42ZKeI1TqxgnC9iCuPdoOBIpmZhlVHVzKLaLoc6kju3LnOFAEYJPGDO6yPlNlCZEyB355atJaUHBwrwzMqTggLY0L4aDctj_Q9bbhp1tQ7sGk1B3fPGOjhvoW5fUShvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3MjA0MzI4LDUyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXBzdy5tZS8iLG51bGwsW1s4LCJDTVVhSTQ5c3VBcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

8ac1d0dd9c06335740f4d956d2b4559f07a37efa7fac2c3e6c3c72472b7256a2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GdqsF8yM1UWU5V3Oc4uVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GdqsF8yM1UWU5V3Oc4uVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw05BiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OF68ermJTeDG_pVTmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEyNDfQMzOILDADxMzdC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV-eKK9VToMhr9LvEWF2p7qNX5x0IsdUt8jYpZseohGjawgpPvf8Hj3ZcApTHxBANoXl1L-U0Dv7qv40h6yVN5VVRyiPjaThYU0lnmW8OWWbtOhZYdCh_NJ8ZpT5jdmxG6suAuIEw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
70ms Script
application/javascript 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-eKK9VToMhr9LvEWF2p7qNX5x0IsdUt8jYpZseohGjawgpPvf8Hj3ZcApTHxBANoXl1L-U0Dv7qv40h6yVN5VVRyiPjaThYU0lnmW8OWWbtOhZYdCh_NJ8ZpT5jdmxG6suAuIEw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3MjA0MzI4LDU5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pcHN3Lm1lLyIsbnVsbCxbWzgsIkNNVWFJNDlzdUFzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

3c5061b7a4117554cf656f2d2acc7238be8e7f77ddb900a001a26321daa65b80

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-or6cjfQ6w5ZzOHBDOgZjug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-or6cjfQ6w5ZzOHBDOgZjug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OF68ermJTaDhyNldTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqbGBnoGZvEFBgD0TTdD"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXkNSHrZ3zKqI6YQUWEJMk1BkjeugjUQSftNkGBNiz1BcaKUQ1B1hnDB1MPkiN_BxzmKryO96I74Egv2ViJd7AqI9ekODLvVDappTCyfDFySj_A9rh4gXEXZxM-z4IvqKAHCsZ7tw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 172.253.115.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkNSHrZ3zKqI6YQUWEJMk1BkjeugjUQSftNkGBNiz1BcaKUQ1B1hnDB1MPkiN_BxzmKryO96I74Egv2ViJd7AqI9ekODLvVDappTCyfDFySj_A9rh4gXEXZxM-z4IvqKAHCsZ7tw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yPd8RyTqNUE33__qT5i-rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-yPd8RyTqNUE33__qT5i-rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBicEqfwRoCxEI8HC9evdzEJtCxa_M1JiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqbKBnYBZfYAAA5DsjHA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ipsw.me
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWKZzUxdAUoS7tiWkdAIcpL6Om17xyMnsJfQ2nHOv8ewhrENU-Ney-jwExDuYzJCU-lxFnCYJhL6kKSeKU0w7PWbK8osRNndldkI2nO-wzVGGQgWDUGjpKd2uc-jiGHR1ApYhXZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-folHWtIyp039wkIXDG69HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jun 2024 01:12:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-folHWtIyp039wkIXDG69HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HC9evdzEJtCw7eI1JiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqbKBnYBZfYAAA7ckjOg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsw.me
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 194ms
114ms XHR
application/json 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240529&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

06f01d9214c92fd62f71893b3b98b31545f6eb0f0ada77fddf0f7ccea49ff9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12692
x-xss-protection: 0

POST
H3 204 rum Show response
ipsw.me/cdn-cgi/ 0
135 B 23ms
22ms XHR
text/plain 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sat, 01 Jun 2024 01:12:09 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ipsw.me
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 88cb557068fc3705-YYZ

GET
H3 200 favicon.png
ipsw.me/assets/brand/ 2 KB
2 KB 38ms
37ms Other
image/png 104.26.8.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipsw.me/assets/brand/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.156 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e82fdf3c5aa18de39749dc3391112dcbca71d043c2ff0b12e544408514464161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
age: 276866
cf-polished: origSize=4379
x-bz-content-sha1: 38bfa9270bd1eec1f155fac40e737fc220551bbc
x-bz-file-id: 4_z510b31194ebe890c63c80e12_f115cd13bd027f47f_d20201214_m204352_c001_v0001146_t0021
x-bz-file-name: brand/favicon.png
alt-svc: h3=":443"; ma=86400
x-bz-info-src_last_modified_millis: 1607974331000
x-bz-upload-timestamp: 1607978632000
last-modified: Tue, 28 May 2024 20:17:43 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNR2SejtC%2BqLldvXTCH3geVDk%2F%2BKfW9gs9kbPjILkhrf6ajn4ZsujlONav4bbCBv33T%2Fl9p6kQHc34xt6nn17VuIDCfKAdHUC1uSRjM1TTprpXcH6gOCWaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 88cb557068fe3705-YYZ

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 115ms
40ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_fy2021.js?bust=31084103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ipsw.me/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 01:12:09 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A87C 0
0 40ms
39ms Document
text/html 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 56569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 09:29:20 GMT
expires: Sat, 31 May 2025 09:29:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 97DC 0
0 56ms
55ms Document
text/html 142.251.163.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f104.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sRcJfZ4hteQGWectr9U48g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://ipsw.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sRcJfZ4hteQGWectr9U48g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 01:12:09 GMT
expires: Sat, 01 Jun 2024 01:12:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240529&jk=1739381456643699&bg=!R0SlRAvNAAbEf60J5H87ADQBe5WfOA-JdGZPMtdopmUTbOmo1roXTLVkqRHVmlmU3dyRo3lAvFE5jX0xm8sx8aNRvuznAgAAAJZSAAAABWgBB34ANbq4KwdlS0LTWKWpgbCIitvAJW239IPHUC7Lg2ALREyvHRUrJXkI9E7_7q2F5-0R9DZNfPegCgBGdgeFYAfnckYEaPiSAsQbO3eQhut7Pov0gDgqZBla1-ZNWVM_c0MLBthvupJQFk-HyEja8xTCNOISU_gDq5JMDOm6KEa6G5kChB3W6XKg5dpefddxPAyNWw0TedrGvdv2VSc4WI376L8d8K4PNW-Sn9Mbmjr_tqdBv0AiozLv6XShCCOgonCblbEa-NYV49itFpROvBoqhAfXxM-I3WzcoYQzZgcn-L4oluuvfXkP-l7RPe0Dkhr9KAQAx8Fb-FThMXaBwh1Qwaa7nlWd7Zun05Ve_dOrDkkA4aykLufoBNObC8OthbLNEEzlLu-YEejf5QOa60LBpUTOw9ahnKMM685wOI72kEq4oMSwmNsJv-w1e8kwH4awld8OiGaQSh6F5IIWC6BzXstVJWu8zZCsoA5pd-32peESHmUrngF080TKKrXWlvn4h94XY4DRX1iGhM6rmhWTXM32YMjWa8E5pRgu3wyOs5SGUkQ0RBk1DEq146FCTSc-_4Jdp0GwTCGcr71dDBhczl62Ma_5XCFA5F4vB1nc6VIaZllBqVWCOeHDlfb_cnNPpc7miD-ntn_7tt8tp_JOHzr4_eZEtJvFE0nBM30--5sX-i7jIaqdMmVs2u1eKXYX3SaAXMFDv3MH4DTWSfu78YE03FHWTMkMvoep_Wv9C-V6GvvJPSDfp_fJnl1AcAIl0YwwmTJu6FIB8x8fJpZZAirteKmlm2vcstH8dOlRXCOJgL4SvEJm-L-cTiPrNQPIqT-59baHcmloR2yy0yN-mmCHjxe0fpmIwEni63SA16S6rjaeRFBM7jwdKBKRtjyyMhBeUzDD8yD2yqeYQ_-TVUNSgpOwPmt7AasYj4zysSKaZmb9TwKmXFbH4Nb6HrSQDzvAwmfMTgpWo87jxpqZKWGxupFSjn7Lh9lDfn00ytSoiHEq-AO7akAYdgS2W27J2l_dTK31

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ipsw.me/user	1969-12-31 23:59:59	Name: _gorilla_csrf Value: MTcxNzIwNDMyNnxJbmhDYldaWFQyWmtjR05FUWxVelExZGxMMGh3UlVRMEwzRnNiSEJWTkRGSGIzQkZkVkJWTW5aRGNWRTlJZ289fJzZw_sZHc4qZVoB1ukQ4yiPfAoU9kkh9KSV4Bib3SGm
.ipsw.me/	1970-01-21 06:36:04	Name: _ga Value: GA1.2.2064548942.1717204327
.ipsw.me/	1970-01-20 21:01:30	Name: _gid Value: GA1.2.563501818.1717204327
.ipsw.me/	1970-01-20 21:00:04	Name: _gat_UA-26022325-1 Value: 1
.ipsw.me/	1970-01-21 06:21:40	Name: __gads Value: ID=1458ec7787b0a792:T=1717204326:RT=1717204326:S=ALNI_MbzVnVBEGX_aYkFox_kujH7Xz08Dw
.ipsw.me/	1970-01-21 06:21:40	Name: __gpi Value: UID=00000daeb6f07ade:T=1717204326:RT=1717204326:S=ALNI_MYu9RAHu6fAgajXEheZ9dIijz5SsQ
.ipsw.me/	1970-01-21 01:19:16	Name: __eoi Value: ID=33c3c780cd6ff024:T=1717204326:RT=1717204326:S=AA-AfjYIoAdTnJJoJniChxmlGgMe
.googleadservices.com/	1970-01-20 23:09:40	Name: ar_debug Value: 1
.mediago.io/	1970-01-21 05:45:40	Name: __mguid_ Value: f992662de12bec5b2fuj6d00lwvf4bm4
gtrace.mediago.io/	1970-01-21 05:45:40	Name: cst_70 Value: ts=1717204328
.blismedia.com/	1970-01-21 05:45:44	Name: b Value: 665A7568DDF2043678DFDED3BLIS
.doubleclick.net/	1970-01-21 06:36:04	Name: IDE Value: AHWqTUn3q8w634zKszWWAdhwoqldnTTc5if8dAqt-gN-jtd0qviP-kcU7R5oGh33Q3k
.yahoo.com/	1970-01-21 05:46:01	Name: A3 Value: d=AQABBGh1WmYCENrwmI8AaE04_27QzmJKndkFEgEBAQHGW2ZkZgAAAAAA_eMAAA&S=AQAAAntxG8OcX4SScq5pAPoz1PA
.adsrvr.org/	1970-01-21 05:45:40	Name: TDID Value: 70a234b4-8ffc-4ef8-ae66-c19d2f045d8b
.zemanta.com/	1970-01-21 05:45:40	Name: zuid Value: OrL0u0stxyRb8UuwAmkN
.ipredictive.com/	1970-01-21 05:45:40	Name: cu Value: 2b90f153-e209-46ce-b3b8-1941e2099917\|1717204328396
.adsrvr.org/	1970-01-21 05:45:40	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIqMWcwLz4gD0QBRgFIAEoAjILCKj46-zS-IA9EAU4AQ..
.adrta.com/	1970-01-21 06:36:04	Name: __aavi Value: 344568544297566509
.adrta.com/	1970-01-21 06:36:04	Name: __aavt Value: 1717204328500
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 16252620839954516548
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1717204328500
.ipsw.me/	1970-01-21 06:36:04	Name: _ga_FLTLWFSYM0 Value: GS1.1.1717204326.1.0.1717204328.58.0.0
.adx.opera.com/	1970-01-21 05:45:40	Name: UID Value: OPU4f0cef20ab6a47038d00a3ee07fce66c
.owneriq.net/	1970-01-21 06:36:04	Name: si Value: Q7704907281991095177P
.owneriq.net/	1970-01-20 21:14:28	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 21:14:28	Name: gguuid Value: 1
cookies.nextmillmedia.com/	1970-01-20 21:10:09	Name: NMUID Value: 4b75c614-9710-489e-8ddc-31cbdee19280
.ipsw.me/	1970-01-21 05:45:40	Name: FCNEC Value: %5B%5B%22AKsRol-KOaGUElVLYMI7FfL16zXU0A2sYT3Uhx_U6GLNKjAxs5wSzhMf7H5ccIz1IaU49CXt9UGSWuPxhCDWEBEsUFbXK1CFLaRUlgEeo43cy0YJbAsBZHJs1Bt2GQvpYELC7kazEUriRGnOlPolR_Di_EkRiVgcdg%3D%3D%22%5D%5D
.travelaudience.com/	1970-01-21 06:28:52	Name: _tracker Value: %7B%22UUID%22%3A%2211CC5FAE-390D-4E09-2766-0F49B2B20515%22%7D
.linkedin.com/	1970-01-21 05:45:40	Name: bcookie Value: "v=2&5d505a55-646c-4c7e-8e18-8eba79d96dd1"
.linkedin.com/	1970-01-20 21:01:30	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2793:u=1:x=1:i=1717204328:t=1717290728:v=2:sig=AQGYzaCrsjP6hVOdaWS0R1LIgBqA_1d8"
cookies.nextmillmedia.com/	1970-01-20 21:00:04	Name: t_p Value: 1
cookies.nextmillmedia.com/	1970-01-20 21:00:04	Name: rdrcts Value: eyJhcHBuZXh1cyI6dHJ1ZX0=
.e.dlx.addthis.com/	1970-01-21 06:30:18	Name: na_tc Value: Y
.addthis.com/	1970-01-21 06:30:18	Name: na_id Value: 2024060101120877700801267618
.addthis.com/	1970-01-21 06:30:18	Name: na_tc Value: Y
.addthis.com/	1970-01-21 06:30:18	Name: uid Value: 665a75680cc772d3
.addthis.com/	1970-01-21 06:30:18	Name: ouid Value: 665a756800015ed5e5a9af27e67d3428b74fba30345dc0a9aff0
.dlx.addthis.com/	1970-01-20 21:43:16	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 21:43:16	Name: na_sr Value: 20240601
.dlx.addthis.com/	1970-01-20 21:00:04	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 21:43:16	Name: na_sc_e Value: 0
.adnxs.com/	1970-01-21 06:36:04	Name: receive-cookie-deprecation Value: 1
.uuidksinc.net/	1970-01-21 05:45:40	Name: jcsuuid Value: zuwlrHfLRxYP75IaC4zp

128 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ipsw.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ipsw.me
pagead2.googlesyndication.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.16.80.73
104.26.8.156
142.250.31.155
142.250.31.156
142.251.111.97
142.251.163.104
142.251.163.94
142.251.167.132
142.251.167.139
172.253.115.113
172.253.122.156
64.233.180.113
06f01d9214c92fd62f71893b3b98b31545f6eb0f0ada77fddf0f7ccea49ff9cb
0bca20e54df61de2ae5e0ccca7ffabf674b569f4b169ab7444932f82f4257577
1aefe2b02848a3e751a416f329e050d5dd35903ced406d864869e4dbf423df8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e144f3d017f6e29d6a311cbaa94743d8013b3cbac7571c2d02ad5e6cc4dd514
1f6043b4b6017900d941b6b33463eb245e7047cb8e4636422cebab813f07ace7
3c5061b7a4117554cf656f2d2acc7238be8e7f77ddb900a001a26321daa65b80
3e7bfa2e9aaea3599c28b1176abd8e7c189a299fadf0ab35bce63a18d191b86b
42c17d22b22938a35c50a7cdd519fa30c6ab2683081455c6fee16de7dc263bb0
4791705da94e3d2e0055c5e3360427d6b89c46a0752761d21becd5b70698cae7
5a25f35480b4b686fb2a562d5827cf40dc7bc3e62b651274d0e0a043a61508ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
84c888b4f39efa3245048413cd215cb1774f4a027839d6845a30c835ef805748
8ac1d0dd9c06335740f4d956d2b4559f07a37efa7fac2c3e6c3c72472b7256a2
938ac8fe0166815d5dbe9e8f9331a3e56b1a08225d8e76ea1da9086835b4f599
a2502fe8f6ea986c42799dd669acdb5a11da0818f9d109f5f36e3ab0e177e32d
ac8c8a6a149f603d660ab97ecf12175dc2b80006d8a74131502e461199d5a575
ad6488917991c47dd870cc8f714ec8de9a356f8b118abd432086a0f49bb75232
bb6b44d81f719157a461be7665eaf4ba85b15ddfa06214730ef93b57f1106742
c16acd4e244d331fa74466587a8f980e1d3ad80130c320347d9847437494e057
c3c9cdefcc92e55c9695f7268a1985ddcdc4398de8445fbb5bb64faeb0dff765
ced9cc9c9ff6e62944ef7ccc23ab27d0bf3f29d79de1f24682ffdbbfab3937d5
d3dd0d8065c290708e588c6675db7897b58e5fe4cf362aac2da25f24fe7f391d
d9cc7e15328d071194bcd9a562ce2d80f36067fa9995605d24aeb7923170fb31
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74b6aac999df90746472666470db99c878ca48048601d46887406e6df3e6df6
e82fdf3c5aa18de39749dc3391112dcbca71d043c2ff0b12e544408514464161
ea8bf97e63c45950c93d9bd28f5190787b01332d40955fce6baf8680dbb3ec6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff6d1cf14602d63758ee86426d17d1054a1a9973df6715b576c780a1b453b9e
f3f391805c575800257454484104b25fbee7935f099064e2873caa9b3727ae66
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

ipsw.me Open in urlscan Pro 104.26.8.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

13 IPs

2 Countries

961 kBTransfer

2497 kBSize

44 Cookies

7 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ipsw.me Open in urlscan Pro
104.26.8.156 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

961 kB
Transfer

2497 kB
Size

44
Cookies

57 HTTP transactions
0 data transactions