pestablog.com Open in urlscan Pro
2606:4700:3037::ac43:92fe Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pestablog.com/
Submission: On December 02 via api (December 2nd 2023, 12:10:22 pm UTC) from US — Scanned from US

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 11 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3037::ac43:92fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is pestablog.com.
TLS certificate: Issued by GTS CA 1P5 on December 2nd 2023. Valid for: 3 months.

This is the only time pestablog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3037::ac43:92fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:402... 2607:f8b0:4024:c01::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1 10	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c00::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4024:c02::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4024:c00::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:402... 2607:f8b0:4024:c09::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4023::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4024:c01::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400c:c0f::78	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:402... 2607:f8b0:4024:c02::64	15169 (GOOGLE) (GOOGLE)
1 1	2600:802:b10:... 2600:802:b10:5::11	701 (UUNET) (UUNET)
1	2607:f8b0:400... 2607:f8b0:4006:a::a	15169 (GOOGLE) (GOOGLE)
2	172.253.113.155 172.253.113.155	15169 (GOOGLE) (GOOGLE)
81	18

20 2606:4700:3037::ac43:92fe (United States)

ASN13335 (CLOUDFLARENET, US)

pestablog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4024:c01::9c (Clarksville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80d::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c00::5f (Clarksville, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c02::9d (Clarksville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4024:c00::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4024:c09::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4023::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4024:c01::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400c:c0f::78 (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c02::64 (Clarksville, United States) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:802:b10:5::11 (United States) 1 redirects

ASN701 (UUNET, US)

r6---sn-8xgp1vo-ab5d.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:a::a (United States)

ASN15169 (GOOGLE, US)

r5---sn-ab5sznzl.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.113.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ma-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	405 KB
20	pestablog.com pestablog.com	1 MB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	261 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	123 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	136 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	9 KB
3	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3633 r6---sn-8xgp1vo-ab5d.gvt1.com r5---sn-ab5sznzl.gvt1.com — Cisco Umbrella Rank: 399909	1 MB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
81	11

	Domain	Requested by
20	pestablog.com	pestablog.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net pestablog.com tpc.googlesyndication.com c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	1 redirects pestablog.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	pestablog.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
5	csi.gstatic.com	www.gstatic.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.gstatic.com	c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	ajax.googleapis.com securepubads.g.doubleclick.net c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
2	www.googleadservices.com	c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
2	c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	r5---sn-ab5sznzl.gvt1.com	c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
1	r6---sn-8xgp1vo-ab5d.gvt1.com	1 redirects
1	redirector.gvt1.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	pestablog.com
1	www.googletagmanager.com	pestablog.com
81	19

This site contains links to these domains. Also see Links.

Domain
tielabs.com

Subject Issuer	Validity	Valid
pestablog.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://pestablog.com/
Frame ID: 75C3B9A222B6906C22F6AD36C4C91BA0
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: C4C81306BBA1188C8B4AA2AC28D9C823
Requests: 1 HTTP requests in this frame

Frame: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1C78F0839B85598AD69A19B3D2D7140
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9807711039614111&output=html&adk=2969136045&adf=3689892565&lmt=1701519015&plat=1%3A16777280%2C2%3A64%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpestablog.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701519015300&bpp=5&bdt=410&idt=556&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3375841400438&frm=20&pv=2&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44795921%2C31078301%2C31079861%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2151687061189097&tmod=576464476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=589
Frame ID: 3088BD840235D605101C9A9352F01590
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: BC558659A6D65A8C63A6DC26E2E90921
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9797A93630C42BEDB9205BD5A7981E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2BD71F24C0868F5A03EEFE8575C5285
Requests: 2 HTTP requests in this frame

Frame: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B82BFC7C3C7356E639C65F5C9813BA9
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pesta Blog - Pesta Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

81
Requests

96 %
HTTPS

95 %
IPv6

11
Domains

19
Subdomains

18
IPs

1
Countries

3855 kB
Transfer

6141 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tielabs.com/go/jannah-sites-footer
Title: Jannah Theme by TieLabs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://redirector.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=A91C14F7B6010087D1CD1DDC96F738FAC6154E69.BAC18CDF0393522C28E302B18265E50673325ED2&key=ck2 HTTP 302
https://r6---sn-8xgp1vo-ab5d.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=014FF6297D5817ED2E55A1AF097C9764BCCB0018.3EBB4C4D32DC22B7A0E220425E5743F853FC4A56&key=cms1&cms_redirect=yes&mh=y-&mip=2600:803:a88:1076::76&mm=28&mn=sn-8xgp1vo-ab5d&ms=nvh&mt=1701518871&mv=u&mvi=6&pl=49 HTTP 302
https://r5---sn-ab5sznzl.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6BFCCD36F73D8BAF436105076159ECB834C7BDA9.68A30E41D101545BA0F81B44F7874CA9BEFBA78F&key=cms1&mh=y-&pl=49&redirect_counter=1&cm2rm=sn-8xgp1vo-ab5d7d&req_id=956fd30f168b36e2&cms_redirect=yes&ipbypass=yes&mip=2600:803:a88:1076::76&mm=42&mn=sn-ab5sznzl&ms=onc&mt=1701518712&mv=u&mvi=5

Request Chain 75

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ8KnqB5rZcOtDreT6toP0rS_yAz_ssTKdNikueqzEt_57MONDhABIJyX3p8BYMkGoAGPvN-SKsgBCakCBkSzFhvIST7gAgCoAwHIAwqqBPYBT9A9xhAD48k1SW9crj__zDFZB_gCCqNxiDqxw7mOVPMUJBFJz2cWdgVRXed3Sseodky7wmLghgAtO-Jr8y4DqIHt4vFhXikYhEfatW0zI6wXv_u7laaK9yKz9Ef-eZRWOcVWbZ8DUBRPxt8K7tUVJMWDYZWLqj9BD0TiSGGDzObOKV_dyteWZlpqdyvd_rtmV8rnfoCGDuJBJEI7cGFnbXk4zZZM2VO2b7PUryPdcaWtmJMFIoNkkYt5CEC6Q_huAcL7YAHAKmp9GrH0zcql6YJqEhnbcW21FoDNs9nndYTeCxRYTAc2Q8BsT5zYkvdK-EliTI-IwATj_KS_2ATgBAGIBfuhja9NkgUECAQYAZIFBAgFGASgBi6AB4_0r_IEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQzrgz0ggdCIBhEAEYHTICigI6AoBASL39wTpYuvWSpNzwggOaCYMDaHR0cHM6Ly9uZXh0Z2VuaW5mb2h1Yi5jb20vX2NvbnRlbnQvYXJ0aWNsZT9hcnRpY2xlSWQ9bWJhK2FjY291bnRpbmcrYW5kK2ZpbmFuY2UmYnJhbmQ9NzM0MDg5MzIyOCZzdWdnZXN0ZWRUZXJtcz1NQkElMjBpbiUyMGFjY291bnRpbmclMjBwcm9ncmFtcyxCZXN0JTIwTUJBJTIwYWNjb3VudGluZyUyMGNvdXJzZXMsT25saW5lJTIwTUJBJTIwaW4lMjBhY2NvdW50aW5nLEFjY291bnRpbmclMjBzcGVjaWFsaXphdGlvbiUyMGluJTIwTUJBLE1CQSUyMGFjY291bnRpbmclMjBjYXJlZXIlMjBvcHBvcnR1bml0aWVzLFRvcCUyMHVuaXZlcnNpdGllcyUyMGZvciUyME1CQSUyMGFjY291bnRpbmcmYWRDb3B5VGl0bGU9bWJhK2FjY291bnRpbmcrYW5kK2ZpbmFuY2UmcGFnZT1jb250ZW50gAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBEKCxCQutvawPTu34MBEgIBA-INEwiGrpOk3PCCAxW3iVoFHVLaD8m4E5wb2BMMiBQB0BUBmBYBgBcBshcfCh0IABIUcHViLTk4MDc3MTEwMzk2MTQxMTEYhu2aAQ&sigh=fnUOTbrLucQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNLrv8fE5oD-Bkv35oUaiiDoC0Py3KVaRhlAO-LOgtGYQbH40dLXv4_ZnpAS48hDgkqbfpvUz-0pI2K85MTsawxWtrQtETctADZRgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1caf8b8b06dcf0d70000000000000000%22,%222%22:%220xf01689dffdb4382e0000000000000000%22,%223%22:%220x5ac68205fc8ca08c0000000000000000%22,%224%22:%220x22e17f28ed192b8c0000000000000000%22,%225%22:%220xa9aba05e21a83090000000000000000%22},%22debug_key%22:%222133957935556627692%22,%22debug_reporting%22:true,%22destination%22:%22https://nextgeninfohub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313602063%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226376246320990354961%22}&andc=true

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pestablog.com/ 180 KB
54 KB 306ms
122ms Document
text/html 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.18

Resource Hash

9713367d7585374f40073b720ec0b0ca428d6caf7db7dfd1eb47fe8299fcf76a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f377325a561859-EWR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 12:10:14 GMT
link: <https://pestablog.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE5kgJDp7VNq1Nl%2FAKVrxVzc3WSrdR0K5AsWC5grSMvuGTKm9kW0ykILWP6z3mdD3ru0cHD1TT%2B0aRS9UenXAcmchhMU4CXVEB4uo%2FckCZrCP84SHNvCDpNbf9zeDbvviiyg%2F8xU8wb9%2FgpP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/8.1.18
x-turbo-charged-by: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 308ms
131ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9807711039614111

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cd72c9a55360887f61bcee986094f939e9b3c7796855b9d11912e1ae2d0c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Origin: https://pestablog.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51646
x-xss-protection: 0
server: cafe
etag: 4005860754201028372
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 12:10:15 GMT

GET
H2 200 style.min.css
pestablog.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 59ms
58ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 11:38:19 GMT
server: cloudflare
etag: W/"1add3-654cc4ab-d0895a7f8765e16c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD2Qf%2B3tRQhAuS2TiivRz4qNy2%2Fzf5%2FgTbIiph4uSbgeSd%2BOrPXgvCg3Fblyv4XGnRW6m%2Fsk7enSu7X1pnkYgf0ad8rZAQLxEFWafNb1Vfz9Zt5rspu%2BfsAuqsHq7XHG7EoNhrIxMtPwbrun"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377333ac81859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 base.min.css
pestablog.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 57ms
55ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

417500ffbbc3a9af0b9f1834ab929a2c9cc931fc7510da64e1c96bd4879e54d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"a411-6564bc74-4f34103d68711e00;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwChvgpnsRcUQMA2M5XG1ACCLQRR1ePkWrxwMn1v0iEdNU5ZesEXzYXfDfEq9z68OtGbFG4fefjMLOuHuPGP0m8VpCNdAhNIgFFKMmsiC19ZgJEn3HxhuOeo%2BhswwhWVuYKu3QsANAa0A0b1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377335ad91859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 style.min.css
pestablog.com/wp-content/themes/jannah/assets/css/ 148 KB
26 KB 144ms
143ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5586cd5ce618d470309ab9bdd3f6c720febfdd03902676855cbd6dd3b9c9e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"2516d-6564bc74-77328d1757d81c07;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JvMLoHzU%2FxDkPAC0kl9G2M7RgE7rJw%2FLdcAmDqZVGR%2FOoWerfnJ8Mgw6d4aMAgdYj9qDE%2BsPTBjDPgCLP6yJmyU%2FQh54FLOMjSwv%2FZekn42%2F5ANzE48DWcNO4nCxfdQpLYD33gNt%2Buv05C5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336ae71859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 widgets.min.css
pestablog.com/wp-content/themes/jannah/assets/css/ 48 KB
9 KB 75ms
74ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed4e3a2582066053f30dc25664f386e4d9714b947f2d4028c6d5fb1c099fd1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"bf9d-6564bc74-3fa4b2e5f657d917;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srn%2B30xqY%2B%2F%2BFFRub%2BzhBlmTteSKR27rnapu4D9Db3Dd8uZ%2B%2BTe%2FXVb1gEj3mQg%2FkoNQNn3zKy9S%2BemxZ9TFXo%2BKW%2BzdO5FJ7FwNBPy5e7mTU72MQbOL0a45Y%2Fksllrn4c%2Fkb1s9QDwY%2BUHv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336ae81859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 helpers.min.css
pestablog.com/wp-content/themes/jannah/assets/css/ 39 KB
8 KB 78ms
78ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

528dfffee011fcdb177966a7a9e17bbca5995842fa5d27d7f633db245b38cd18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"9bde-6564bc74-9feea152997f02a4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79%2FULQYkZClqMB5ElCWhL4dSzfNAiu7hzG87L9WQU%2FW%2B6Z89nCXW4ya1MMJDZyuZghkw%2Bg0wdjo%2FkKCVYbdq86C639lleyxwheEcHdkjVSmLPcZiADCJIZCjfLMyOuIacCqrD2RnSayQNZ%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336ae91859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 fontawesome.css
pestablog.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 143ms
142ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"e526-6564bc74-717e08e4c6dbb345;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BU0itDTgK6tu0AtcNHSxeKZOJSrN5QzWDvp5yaJrSGbAb2CSJfG8tvUmA%2Boe%2FvN8%2FgGQkiYesRm5NqGVvabZjeMpJepKXtoBj%2FiZLLDi6bdpH8rvaDzjjCXVO62uimHasUNniN%2FqU31ytc%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336aea1859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 skin.css
pestablog.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 150ms
149ms Stylesheet
text/css 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"2ef2-6564bc74-606bd3132e212696;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6XknXDP09N95D9bWbip%2FT1ZWVvS74KEN0woRCsEcv2Hb%2BoBr6c3viYXiYmRHnPyxnkz%2BYSQNSzIlzR%2BaHG59g4HaK2sx8KWacJ6NtDW3qwTF1KttYhVVbBMy7b1Cp%2F8gnNV5IaDWcrR2CAM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336aeb1859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 jquery.min.js Show response
pestablog.com/wp-includes/js/jquery/ 86 KB
31 KB 150ms
150ms Script
application/x-javascript 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 11:38:19 GMT
server: cloudflare
etag: W/"15601-654cc4ab-4140cd8b67290161;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyj5KFHGkgqCklpUwZDC7YMxPAhRV%2BE84Cbk9ApBROOy1oHh02MInG9l%2BW5YsgInKxG37EzBYZ5TW3LflN4K54wLUAg1V%2Fqgg8v0NQ3R2eKTd2YalXqLmCpxB6Kdyw7Ubeoa12zYVCvCbTqr"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336aec1859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
pestablog.com/wp-includes/js/jquery/ 13 KB
5 KB 128ms
127ms Script
application/x-javascript 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 11:02:03 GMT
server: cloudflare
etag: W/"3509-654cbc2b-7d6c5f4299dfe16f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeKLhywY%2BvVokXgS0xYjV2JsH%2FjBH2L3dUI7o%2BDmbb0msCoXZgVmtUll8hAHzggXvroDphOecOxXBJiwmC%2BiZPoJtEamBg%2BxaV9g2RoZGjjNIlBXrD3BVoyAcogtu7P%2BCntdsIPEA6IF5vo4"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377336aee1859-EWR
expires: Sat, 09 Dec 2023 09:40:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 246ms
89ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-PL3VVL6

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ac2c45e1e6cfd06282397b5775b2040c6b2181fe8a04d534df72fcf86f41c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 12:10:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 297ms
117ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ea869e657c4d934285d6012f033b36119154c090ea29d8824152e51d0ac686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29977
x-xss-protection: 0
server: cafe
etag: 473 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 12:10:15 GMT

GET
BLOB 200
OK 3167564a-b3ec-44d2-a4f1-9f448541f0f0
https://pestablog.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pestablog.com/3167564a-b3ec-44d2-a4f1-9f448541f0f0
Requested by: Host: pestablog.com
URL: https://pestablog.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 logo.png
pestablog.com/wp-content/themes/jannah/assets/images/ 2 KB
2 KB 119ms
119ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/images/logo.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00fd294c46d27f6cf62b9b348106cff55f80557d485051a08327c9595347aaba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8996
alt-svc: h3=":443"; ma=86400
content-length: 1673
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: "689-6564bc74-d1ee51bb99ff4b09;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lljkZIqtJ6t5%2F28ZweS2IaqwXtZidwlOQDCr4un2b61NWy3ilE0mPDCVS0kRb%2Bpu5BZXV1uRE1TE%2FIZKCeRv7zlRTaICWdsw40Maam2rLxndiqh6K3C2biTtqaZd4a9VV2GQvakNCg9MIIG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377336af01859-EWR
expires: Sat, 09 Dec 2023 09:40:18 GMT

GET
H2 200 meme1-390x220.png
pestablog.com/wp-content/uploads/2023/11/ 72 KB
72 KB 122ms
121ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/uploads/2023/11/meme1-390x220.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fa50f8622b17f06a45267362e717fb8451779cc78d6d198f264ae9ef8d3abc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8949
alt-svc: h3=":443"; ma=86400
content-length: 73352
last-modified: Thu, 30 Nov 2023 18:56:41 GMT
server: cloudflare
etag: "11e88-6568dae9-5b5b84a5272fcb87;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=467SuDNBv5TYI4Y9O9TRPjEKqZL%2BNLwTyC68r99MB4t8XlupXl%2BTw1yrcqjHGBQtbJ%2FEVCqQ6CtKaKzycsWVBJAl%2FRvBT27SaJHx43ZpmrC%2FqDL4MGBNPdvGqXYyvNzMcecwTOK50vTo8fT1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377336aef1859-EWR
expires: Sat, 09 Dec 2023 09:41:05 GMT

GET
H2 200 Add-a-heading-63-390x220.png
pestablog.com/wp-content/uploads/2023/11/ 74 KB
75 KB 77ms
77ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/uploads/2023/11/Add-a-heading-63-390x220.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37e77dca50f993240ee4e787468fc2422f45cd62da1370ef97d0782ecc862a40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:14 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8961
alt-svc: h3=":443"; ma=86400
content-length: 76104
last-modified: Mon, 27 Nov 2023 18:17:48 GMT
server: cloudflare
etag: "12948-6564dd4c-7f26409a8c66459f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuA1URSrwLMMRnp57U3dGEWlZ1OzD7l8q5SozqjZ6CQpl%2BS68syGk7Skf%2BBZXRU03B4oGBejb8jjGgePjYxtpm5IyhsG%2Bbv4PYYR3W%2FaMYwHt%2BdfivfkAcMyIrGqF31XrPueO%2BqHSZtCovxz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377336af11859-EWR
expires: Sat, 09 Dec 2023 09:40:53 GMT

GET
H2 200 scripts.min.js Show response
pestablog.com/wp-content/themes/jannah/assets/js/ 23 KB
8 KB 65ms
64ms Script
application/x-javascript 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77427fa30b2e040935768430ebe77dafa03bce2f7a045c4fff5230f99841d799

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"5b9d-6564bc74-c57714a426d9d812;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvOMMylkyhlP7o10paOZfB5iOoD0%2F4AdCJN915urRhKkHWdXdy8fGyizqGdV27RzIzlL3bgvK81qfq06K8I3vDsFFiiom7fkFnR%2BU4KjHyXV9appgliiFBGV2m%2Bp1kbjn5VMR3J8z6nOoFfj"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377342b691859-EWR
expires: Sat, 09 Dec 2023 09:40:15 GMT

GET
H2 200 lightbox.js Show response
pestablog.com/wp-content/themes/jannah/assets/ilightbox/ 80 KB
26 KB 81ms
79ms Script
application/x-javascript 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.0

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"13e34-6564bc74-76d79c3c9dac5154;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSj2oqqjg9XP1VQG%2FDV5U2HU8rVv0XaY8jyJGUhXKZm8wFpQq0tfkOoRuzQIdBFwnVQaellvp55dnRVyRFXg3vcCYynJLHivw%2BWRbb8qC%2BTLyBS5WaJzo8SRYq4OC47sMUgyjfvIsbsXtILh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377343b771859-EWR
expires: Sat, 09 Dec 2023 09:40:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 348ms
168ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21ce129d30c0a3bdd9756100d241ab64bbe5060b1fd62deecc22c027d8e0d27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29977
x-xss-protection: 0
server: cafe
etag: 593 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 12:10:15 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 296ms
108ms Script
text/javascript 2607:f8b0:4024:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:01:12 GMT

GET
H3 200 tielabs-fonticon.woff
pestablog.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
25 KB 118ms
117ms Font
application/font-woff 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

Requested by

Host: pestablog.com
URL: https://pestablog.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pestablog.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.0
Origin: https://pestablog.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 15:57:40 GMT
server: cloudflare
etag: W/"9f6c-6564bc74-1a4df83bdced2859;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y5yD8wviizflAQgJ7qd0GZCdbcPZv6jWBGJkKGbbapWOwuoyBZB5XIoSJBepGpZFbFJPpJ85hoR8M0TFuNXySdcnmFitDGaLCiWBZU2IUFZyNQGjhPnB4FuODoN2p%2Bx6JE6JRcLUgJF0UkP"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f37734de8e425e-EWR

GET
H3 200 wp-emoji-release.min.js Show response
pestablog.com/wp-includes/js/ 18 KB
5 KB 112ms
111ms Script
application/x-javascript 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pestablog.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8071
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 11:02:03 GMT
server: cloudflare
etag: W/"4904-654cbc2b-c40adf71d71f2a1a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2g66ey0XHRij%2FFFZnOFF0HXyQOFXpO1tWk%2F6%2B0aHrcbm3fceWKenxz0t7bSWzUIxQpFYIoP9AOGhgZCfe0KKDFXHGRUgUhzpD5%2BKWUYKatPmNSXoFFCXu5dQRtSpRarkVKRSLy4nlxkLHt2"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 82f377354eca425e-EWR
expires: Sat, 09 Dec 2023 09:55:44 GMT

GET
H3 200 Add-a-heading-62-1-768x432.png
pestablog.com/wp-content/uploads/2023/11/ 298 KB
298 KB 106ms
105ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/uploads/2023/11/Add-a-heading-62-1-768x432.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a819fe245d7a3c8f91b58fd7d694d9918a19070ba01c207306fdda8be1c93058

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8945
alt-svc: h3=":443"; ma=86400
content-length: 304833
last-modified: Fri, 24 Nov 2023 18:24:50 GMT
server: cloudflare
etag: "4a6c1-6560ea72-11e5c2246397e981;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjH5GekKlzr4HoJiVynizoDiqZYN5cubsOhy%2FjMvOGbded9QWsMYuvG%2BxCWuItvb3xqlFUaDAJiRPUZD1M8Lbq5%2BaEuNv7BaZ4g7LiX7AaqFUxUPyJ%2F2K31Y%2F3maq9OV2ptwaL%2Fm4js27Vzn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377355ed1425e-EWR
expires: Sat, 09 Dec 2023 09:41:10 GMT

GET
H3 200 Add-a-heading-59-1-768x432.png
pestablog.com/wp-content/uploads/2023/11/ 359 KB
360 KB 395ms
394ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/uploads/2023/11/Add-a-heading-59-1-768x432.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd245d065845b2b0d8f318209165607deb6ea96f88a56ccddcb511dd4c177adc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8942
alt-svc: h3=":443"; ma=86400
content-length: 368012
last-modified: Thu, 23 Nov 2023 19:51:01 GMT
server: cloudflare
etag: "59d8c-655fad25-4b532779ab54c783;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCLie9OPNfQMRX6JiFW4xvpne1V%2FhX5wLoWOTcNYGV5Qm0758TzsZSiTsvaTmbHz4WPkY1UuYxSromsHHBOWOQ66J0oQ4LDf%2BKr4eMXUcvwtFp52JmQ6r1kTSlJl1m2pU1KqFwyUbnx%2FOhEq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377355ed4425e-EWR
expires: Sat, 09 Dec 2023 09:41:13 GMT

GET
H3 200 Add-a-heading-50-1-768x432.png
pestablog.com/wp-content/uploads/2023/11/ 359 KB
360 KB 474ms
473ms Image
image/png 2606:4700:3037::ac43:92fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pestablog.com/wp-content/uploads/2023/11/Add-a-heading-50-1-768x432.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b434b16d97f601e8b5bdc58980ee863ae330d2ec8520a0fa843ecb122d9ed35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8942
alt-svc: h3=":443"; ma=86400
content-length: 367458
last-modified: Fri, 17 Nov 2023 15:27:43 GMT
server: cloudflare
etag: "59b62-6557866f-ba4bf045290a545;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu2sei9GN2MKHBj7rLsBDhTZamob2QSsHpz0WJUqxAU6sP9%2BX089hquiHEuDzoWJ47rjvZNW6KUDCbanHCD6LikI85dvbMf4g6eeXfTINJ4cpRka3Wh8DZbyiC5SNandgdEnxBOzj4OZoc1w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 82f377355ed5425e-EWR
expires: Sat, 09 Dec 2023 09:41:13 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 398 KB
134 KB 340ms
143ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_fy2021.js?bust=31079861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9807711039614111

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b413106c06a231fbdf3a1ee9afd6ddcd910ef9e060f4dd3ab3801edd27734b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137481
x-xss-protection: 0
server: cafe
etag: 9590601886966756231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 12:10:15 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame C4C8 9 KB
4 KB 303ms
106ms Document
text/html 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9807711039614111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:56:27 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 10:56:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
902 B 257ms
74ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 12:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 11:47:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 12:10:15 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 252ms
63ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CFG92HJD5N&gtm=45Pe3bt0v9170354884&_p=1701519015123&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=868832929.1701519016&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701519015&sct=1&seg=0&dl=https%3A%2F%2Fpestablog.com%2F&dt=Pesta%20Blog%20-%20Pesta%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=949
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-PL3VVL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pestablog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2102
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:35:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
529 B 832ms
831ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151687061189097&correlator=1057328614987388&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=23027667249%2Cintersetial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1701519015783&lmt=1701519015&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpestablog.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=true&dlt=1701519014890&idt=826&adks=2024885645&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbff97d87e22db99d6ccbf83cc48eabe78f9087858e32ffc29bffc0f0b2064f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pestablog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 479ms
478ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151687061189097&correlator=1057328614987388&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=23027667249%2Cancr&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1701519015804&lmt=1701519015&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpestablog.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=true&dlt=1701519014890&idt=826&adks=352329757&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2114779b78312a8675bccae497acbabb0c0a7afbde0e940214ada8e848e19b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14724
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pestablog.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
33 KB 726ms
726ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151687061189097&correlator=1057328614987388&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=23027667249%2CHeader1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x50&fluid=height&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701519015815&lmt=1701519015&adxs=650&adys=209&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpestablog.com%2F&vis=1&psz=1600x50&msz=1600x50&fws=4&ohw=1600&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=true&dlt=1701519014890&idt=826&adks=1568799820&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02199a2890aa0cde39202afa1954f0467826487242ab66ff33d1c2905e966898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33830
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pestablog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 616 B
297 B 216ms
215ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151687061189097&correlator=1057328614987388&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=23027667249%2CFooterad&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701519015822&lmt=1701519015&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpestablog.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=true&dlt=1701519014890&idt=826&adks=3801772162&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3d4702838c18925d955d1557a257b24efb2e8a9a6b05b5984b55dc27fa1df1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pestablog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E1C7 6 KB
3 KB 255ms
60ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 12:10:16 GMT
expires: Sun, 01 Dec 2024 12:10:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 39 KB
13 KB 38ms
38ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42779
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13736
x-xss-protection: 0
server: cafe
etag: 9658267497644244280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:17:16 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3088 0
188 B 115ms
111ms Document
text/html 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9807711039614111&output=html&adk=2969136045&adf=3689892565&lmt=1701519015&plat=1%3A16777280%2C2%3A64%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpestablog.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701519015300&bpp=5&bdt=410&idt=556&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3375841400438&frm=20&pv=2&ga_vid=868832929.1701519016&ga_sid=1701519016&ga_hid=1689153151&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44795921%2C31078301%2C31079861%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2151687061189097&tmod=576464476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=589

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_fy2021.js?bust=31079861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 12:10:16 GMT
expires: Sat, 02 Dec 2023 12:10:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=bottom-center%20tvxmjopxnr&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 259ms
97ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pestablog.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:28:53 GMT
x-content-type-options: nosniff
age: 286883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:28:53 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 259ms
98ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pestablog.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 16:18:46 GMT
x-content-type-options: nosniff
age: 330690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 16:18:46 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
74ms XHR
application/json 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ccb2f6e1d1d2ac4bf523e40897899fd74626393415dcddb955fca9b6a36c23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 249ms
90ms Script
text/javascript 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 12:10:16 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame BC55 196 KB
56 KB 264ms
85ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Nov 2023 16:59:40 GMT
age: 155436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Nov 2024 16:59:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BC55 15 KB
5 KB 313ms
134ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 08:02:45 GMT
age: 101251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 08:02:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BC55 95 KB
29 KB 318ms
139ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 01:35:23 GMT
age: 124493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 01:35:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BC55 5 KB
2 KB 332ms
154ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Nov 2023 02:22:14 GMT
age: 208082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Nov 2024 02:22:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BC55 40 KB
13 KB 327ms
149ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 01:35:23 GMT
age: 124493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 01:35:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BC55 4 KB
751 B 54ms
53ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 11:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 12:10:16 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC55 2 KB
3 KB 179ms
86ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:55:45 GMT
x-content-type-options: nosniff
server: cafe
age: 11671
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 03 Dec 2023 08:55:45 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC55 295 B
663 B 178ms
85ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: pestablog.com
URL: https://pestablog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:29:18 GMT
x-content-type-options: nosniff
server: cafe
age: 2458
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 03 Dec 2023 11:29:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B979 13 KB
5 KB 82ms
81ms Document
text/html 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 36699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 01:58:37 GMT
expires: Sun, 01 Dec 2024 01:58:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2BD 829 B
1 KB 181ms
62ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bbefa9bb88a847d55f5547555b674307fa58f9b34c17e386d63a9326a1c3086

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QCxG-j3_ky38ZSYpaPJFlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QCxG-j3_ky38ZSYpaPJFlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 12:10:16 GMT
expires: Sat, 02 Dec 2023 12:10:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B82 6 KB
3 KB 39ms
38ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pestablog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 12:10:16 GMT
expires: Sun, 01 Dec 2024 12:10:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 5B82 9 KB
4 KB 221ms
78ms Script
text/javascript 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 07:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 07:59:10 GMT

GET
H2 200 07977d2b7ee0aecb6f84611ef43cb16f.js Show response
www.gstatic.com/mysidia/ Frame 5B82 145 KB
53 KB 222ms
80ms Script
text/javascript 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983de16021c17f275be68a5ad52f44a35b33d2cc6441f030c8e062550194f283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 07:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 07:36:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B82 21 KB
1 KB 52ms
49ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 12:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 11:25:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 12:10:16 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 5B82 110 KB
32 KB 62ms
60ms Script
text/javascript 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 12:10:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32240
x-xss-protection: 0
server: sffe
etag: "6c561bf69fb7c6ef"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 12:10:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B82 2 KB
822 B 59ms
58ms Script
text/javascript 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 5B82 24 KB
9 KB 60ms
58ms Script
text/javascript 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B82 3 KB
1 KB 61ms
59ms Script
text/javascript 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B82 20 KB
9 KB 61ms
57ms Script
text/javascript 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:48 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5B82 37 KB
15 KB 56ms
54ms Script
text/javascript 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 16:59:52 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B979 39 KB
15 KB 56ms
56ms Script
text/javascript 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:14:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D2BD 0
0 105ms
105ms Image
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=2151687061189097&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B979 0
10 B 53ms
53ms Image
text/plain 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rpTjHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10308311324431510859/ Frame 5B82 2 KB
2 KB 64ms
63ms Image
image/jpeg 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10308311324431510859/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d9cff5f641558bd194a1f720ea77861c9c24cc4a52cf069993136f0a74c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2344
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 12:50:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 12:10:16 GMT

GET
DATA 200
OK truncated
/ Frame 5B82 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 5B82 0
225 B 231ms
62ms Ping
image/gif 2607:f8b0:400c:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpo0ho11&c=5540324291265&slotId=2770162145632.5&qqid=CMOhqqTc8IIDFbeJWgUdUtoPyQ&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c0f::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8368595149455147756/ Frame 5B82 151 KB
151 KB 76ms
75ms Image
image/jpeg 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8368595149455147756/14763004658117789537

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a679902a39be1923c9deeb12e3744b63ee345afa01b8563afd9a6e2b8b9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154320
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:31:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 12:10:16 GMT

GET
H3

206

videoplayback
r5---sn-ab5sznzl.gvt1.com/ Frame 5B82
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=ip,ipbits,expire,id,...
https://r6---sn-8xgp1vo-ab5d.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,...
https://r5---sn-ab5sznzl.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mi...

1 MB
1 MB

116ms
28ms

Media
video/mp4

2607:f8b0:4006:a::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-ab5sznzl.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6BFCCD36F73D8BAF436105076159ECB834C7BDA9.68A30E41D101545BA0F81B44F7874CA9BEFBA78F&key=cms1&mh=y-&pl=49&redirect_counter=1&cm2rm=sn-8xgp1vo-ab5d7d&req_id=956fd30f168b36e2&cms_redirect=yes&ipbypass=yes&mip=2600:803:a88:1076::76&mm=42&mn=sn-ab5sznzl&ms=onc&mt=1701518712&mv=u&mvi=5

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4006:a::a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d92517692a5a1a0967c24f3a445669c639cadc8bfae5bc7ab83ff2f167555cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Nov 2023 19:10:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1472921/1472922
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1472922
expires: Sat, 02 Dec 2023 12:10:17 GMT

Redirect headers

date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://r5---sn-ab5sznzl.gvt1.com/videoplayback?id=b3876b4706fd1698&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701526216&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6BFCCD36F73D8BAF436105076159ECB834C7BDA9.68A30E41D101545BA0F81B44F7874CA9BEFBA78F&key=cms1&mh=y-&pl=49&redirect_counter=1&cm2rm=sn-8xgp1vo-ab5d7d&req_id=956fd30f168b36e2&cms_redirect=yes&ipbypass=yes&mip=2600:803:a88:1076::76&mm=42&mn=sn-ab5sznzl&ms=onc&mt=1701518712&mv=u&mvi=5
cache-control: private, max-age=900
content-length: 0
expires: Sat, 02 Dec 2023 12:10:17 GMT

GET
DATA 200
OK truncated
/ Frame 5B82 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f28de173d6c12d8ceb311c01cf791a353c86ac53bbdde7afaea0a1a6f067eaca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5B82 33 KB
33 KB 70ms
69ms Font
font/woff2 2607:f8b0:4024:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:39:36 GMT
x-content-type-options: nosniff
age: 37841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:39:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B82 0
45 B 142ms
64ms Ping
image/gif 2607:f8b0:400c:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpo0ho1b&c=5540324291265&slotId=2770162145632.5&qqid=CMOhqqTc8IIDFbeJWgUdUtoPyQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c0f::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B82 0
45 B 141ms
63ms Ping
image/gif 2607:f8b0:400c:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lpo0ho3v&c=5540324291265&slotId=2770162145632.5&qqid=CMOhqqTc8IIDFbeJWgUdUtoPyQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F07977d2b7ee0aecb6f84611ef43cb16f.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c0f::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B82 0
45 B 140ms
63ms Ping
image/gif 2607:f8b0:400c:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lpo0ho3v&c=5540324291265&slotId=2770162145632.5&qqid=CMOhqqTc8IIDFbeJWgUdUtoPyQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fa6de5423b7c632060e8f86136bd5d27a.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c0f::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5B82
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ8KnqB5rZcOtDreT6toP0rS_yAz_ssTKdNikueqzEt_57MONDhABIJyX3p8BYMkGoAGPvN-SKsgBCakCBkSzFhvIST7gAgCoAwHIAwqqBPYBT9A9xhAD48k1SW9crj__zDFZB_gCCqNx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1caf8b8b06dcf0d70000000000000000%22,%222%22:%220xf01689dffdb4382e0000000000000000%22,%223%22:%220x5ac682...

0
0

203ms
59ms

Fetch
text/css

172.253.113.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1caf8b8b06dcf0d70000000000000000%22,%222%22:%220xf01689dffdb4382e0000000000000000%22,%223%22:%220x5ac68205fc8ca08c0000000000000000%22,%224%22:%220x22e17f28ed192b8c0000000000000000%22,%225%22:%220xa9aba05e21a83090000000000000000%22},%22debug_key%22:%222133957935556627692%22,%22debug_reporting%22:true,%22destination%22:%22https://nextgeninfohub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313602063%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226376246320990354961%22}&andc=true

Requested by

Host: c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
URL: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.253.113.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ma-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1caf8b8b06dcf0d70000000000000000","2":"0xf01689dffdb4382e0000000000000000","3":"0x5ac68205fc8ca08c0000000000000000","4":"0x22e17f28ed192b8c0000000000000000","5":"0xa9aba05e21a83090000000000000000"},"debug_key":"2133957935556627692","debug_reporting":true,"destination":"https://nextgeninfohub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313602063"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"6376246320990354961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 12:10:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1caf8b8b06dcf0d70000000000000000","2":"0xf01689dffdb4382e0000000000000000","3":"0x5ac68205fc8ca08c0000000000000000","4":"0x22e17f28ed192b8c0000000000000000","5":"0xa9aba05e21a83090000000000000000"},"debug_key":"2133957935556627692","debug_reporting":true,"destination":"https://nextgeninfohub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313602063"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"6376246320990354961"}&andc=true
access-control-allow-origin: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 151ms
56ms Preflight
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ8KnqB5rZcOtDreT6toP0rS_yAz_ssTKdNikueqzEt_57MONDhABIJyX3p8BYMkGoAGPvN-SKsgBCakCBkSzFhvIST7gAgCoAwHIAwqqBPYBT9A9xhAD48k1SW9crj__zDFZB_gCCqNxiDqxw7mOVPMUJBFJz2cWdgVRXed3Sseodky7wmLghgAtO-Jr8y4DqIHt4vFhXikYhEfatW0zI6wXv_u7laaK9yKz9Ef-eZRWOcVWbZ8DUBRPxt8K7tUVJMWDYZWLqj9BD0TiSGGDzObOKV_dyteWZlpqdyvd_rtmV8rnfoCGDuJBJEI7cGFnbXk4zZZM2VO2b7PUryPdcaWtmJMFIoNkkYt5CEC6Q_huAcL7YAHAKmp9GrH0zcql6YJqEhnbcW21FoDNs9nndYTeCxRYTAc2Q8BsT5zYkvdK-EliTI-IwATj_KS_2ATgBAGIBfuhja9NkgUECAQYAZIFBAgFGASgBi6AB4_0r_IEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQzrgz0ggdCIBhEAEYHTICigI6AoBASL39wTpYuvWSpNzwggOaCYMDaHR0cHM6Ly9uZXh0Z2VuaW5mb2h1Yi5jb20vX2NvbnRlbnQvYXJ0aWNsZT9hcnRpY2xlSWQ9bWJhK2FjY291bnRpbmcrYW5kK2ZpbmFuY2UmYnJhbmQ9NzM0MDg5MzIyOCZzdWdnZXN0ZWRUZXJtcz1NQkElMjBpbiUyMGFjY291bnRpbmclMjBwcm9ncmFtcyxCZXN0JTIwTUJBJTIwYWNjb3VudGluZyUyMGNvdXJzZXMsT25saW5lJTIwTUJBJTIwaW4lMjBhY2NvdW50aW5nLEFjY291bnRpbmclMjBzcGVjaWFsaXphdGlvbiUyMGluJTIwTUJBLE1CQSUyMGFjY291bnRpbmclMjBjYXJlZXIlMjBvcHBvcnR1bml0aWVzLFRvcCUyMHVuaXZlcnNpdGllcyUyMGZvciUyME1CQSUyMGFjY291bnRpbmcmYWRDb3B5VGl0bGU9bWJhK2FjY291bnRpbmcrYW5kK2ZpbmFuY2UmcGFnZT1jb250ZW50gAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBEKCxCQutvawPTu34MBEgIBA-INEwiGrpOk3PCCAxW3iVoFHVLaD8m4E5wb2BMMiBQB0BUBmBYBgBcBshcfCh0IABIUcHViLTk4MDc3MTEwMzk2MTQxMTEYhu2aAQ&sigh=fnUOTbrLucQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNLrv8fE5oD-Bkv35oUaiiDoC0Py3KVaRhlAO-LOgtGYQbH40dLXv4_ZnpAS48hDgkqbfpvUz-0pI2K85MTsawxWtrQtETctADZRgB&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 12:10:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
103ms Image
text/html 2607:f8b0:4024:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=2151687061189097&bg=!gIOlg8zNAAY3kmNgF5I7ADQBe5WfOKuBpp7E0ZZwUtuqQFl_X1dpBzQoWFNh4TWTF0_VAIpOwdZeX7SvmIlHqS86IfFdAgAAAF5SAAAABGgBB5kCukWInoGbZBKWrFjvkb7BeMyArQ6Y5iix0YD6XcmkB7aeFv_5zX7_S_-50dxe5BoW2SZM766lNNAcXSCcXl1rJsX0gtEyVpq7pC8XJ2HnIIUfNUlR4OXUy8SoHp_ivMhQMpkwgSIgeY33Zoh1_4cgOUlAJkrkrqxriJYkXPvLPq6AoPO8A0iOQIpPVr-2xJfqcAm8W75lswOc5PtNh2CMN4KAukUwqYNjMZIeZFBAQerui4inSqxKHP34iOympfO6TkTaJmWD6TPppemt9LwAESDkoesYszg9FcH2254zg9j7W0e4D7a2o1fggU5BM36Jb_zCSniBJEUe2Zon9-iDQ_gvf_QKYiX48CtFUW9MBkDTvipeIwudOAvqCAjyliTVlc472iY6H6tLgQsP8lHXWIPcIcd3zu_M-Lh-ZkoimxkA0fRg9i-TkBhc7_DSSUEk5H7RBJ1GjOjTWLB3z_I_pB-OtXW1fXM2X_K15RnuDtfSW3Mt_uyIftf4CtNiJBFCX8fL9Fr53MkYGEWhz4IrqdJMgPEunnSQEQsfJmQbDl9vLRC6Lb_MggG4nXy6WC8nwenRhHA66RQs8-1sGSPLAgqn28i0Ax4GpX_HEfBFnPIXrXiGhPlgJpghcHZma7K9mK5XvypVpKN6d6LGzdmuIR3qulGyBVoCntXvGCYSUldw7u-0UXMGoY4r-27RWZ_irXSgnSPCpo_hbIG8iwT5ude-BLOTQuTv08koJEktHb10ZQ6glkhCaWijMxCut1HktkAZVz_SyvEdxSTEeoNCKtzjEloZkMMvzyMTUQ-qmYz_GQL4VFLi-b0WR0boRHVtnla6sUwLjV5FhbvQYAKSsVTzrKdvTzS9I1hQ7lAtCYdrXJxoOI_RzdNVKB_9Mw1bNf_CZalTEn-Nxnglp1uueuzQk7mhF7ahjmXU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c01::9c Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pestablog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 253ms
119ms Preflight
text/html 172.253.113.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.113.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ma-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 12:10:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5B82 42 B
64 B 65ms
64ms Image
image/gif 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjiNNqB5rZcOtDreT6toP0rS_yAz_ssTKdNikueqzEt_57MONDhABIJyX3p8BYMkGoAGPvN-SKsgBCakCBkSzFhvIST7gAgCoAwHIAwqqBPkBT9A9xhAD48k1SW9crj__zDFZB_gCCqNxiDqxw7mOVPMUJBFJz2cWdgVRXed3Sseodky7wmLghgAtO-Jr8y4DqIHt4vFhXikYhEfatW0zI6wXv_u7laaK9yKz9Ef-eZRWOcVWbZ8DUBRPxt8K7tUVJMWDYZWLqj9BD0TiSGGDzObOKV_dyteWZlpqdyvd_rtmV8rnfoCGDuJBJEI7cGFnbXk4zZZM2VO2b7PUryPdcaWtmJMFIoNkkYt5CEC6Q_huAcL7YAHAKmp9GrH0zcql6YIoEDlJ5Zd0YH4M5lwqIgE74BhwRSku1Ry1OWI7ctlm4PzHmdgNYbsewATj_KS_2ATgBAGIBfuhja9NoAYugAeP9K_yBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOli69ZKk3PCCA7EJf0M0Ce5goM-ACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtoMEQoLEJC629rA9O7fgwESAgEDqg0CVVPIDQHiDRMIhq6TpNzwggMVt4laBR1S2g_JuBOcG9gTDIgUAdAVAZgWAfgWAYAXAQ&sigh=RYajQwz9Ar0&cid=CAQSTgDICaaNLrv8fE5oD-Bkv35oUaiiDoC0Py3KVaRhlAO-LOgtGYQbH40dLXv4_ZnpAS48hDgkqbfpvUz-0pI2K85MTsawxWtrQtETctADZQ&label=adresume

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5B82 42 B
64 B 55ms
54ms Image
image/gif 2607:f8b0:4024:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B82 0
54 B 38ms
37ms Ping
image/gif 2607:f8b0:400c:c0f::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lpo0ho3w&c=5540324291265&slotId=2770162145632.5&qqid=CMOhqqTc8IIDFbeJWgUdUtoPyQ&dm=25000&event_name=first_play&asset_bytes=57882&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.lpo0hojw~ff.lpo0hor7~vfl.lpo0hosd
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c0f::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 12:10:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pestablog.com/	1969-12-31 23:59:59	Name: fpm_visit Value: 1
pestablog.com/	1969-12-31 23:59:59	Name: fpm_referer Value: %2F%2F%2F%3Adirect
.pestablog.com/	1970-01-21 02:14:39	Name: _ga_CFG92HJD5N Value: GS1.1.1701519015.1.0.1701519015.0.0.0
.pestablog.com/	1970-01-21 02:14:39	Name: _ga Value: GA1.1.868832929.1701519016
.pestablog.com/	1970-01-21 02:00:15	Name: __gads Value: ID=f32a1c48192d56c1:T=1701519015:RT=1701519015:S=ALNI_MakoG8JbaRXF-j4n_UvGsYXpkX-wA
.pestablog.com/	1970-01-21 02:00:15	Name: __gpi Value: UID=00000a024d894375:T=1701519015:RT=1701519015:S=ALNI_MZdKzosmHDuOUvEOYrI2hrBzpO-8A
.doubleclick.net/	1970-01-21 02:14:39	Name: IDE Value: AHWqTUmstIkKovk00xaKNCpE9V77b4zLl56uOwozekLXeuBt1MHIOoSQfTYDz_ZIhvg
.googleadservices.com/	1970-01-20 18:48:15	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c78bb2cf754ecc019452a186adca2f46.safeframe.googlesyndication.com
cdn.ampproject.org
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pestablog.com
r5---sn-ab5sznzl.gvt1.com
r6---sn-8xgp1vo-ab5d.gvt1.com
redirector.gvt1.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
172.253.113.155
2600:802:b10:5::11
2606:4700:3037::ac43:92fe
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:822::2008
2607:f8b0:4006:824::2004
2607:f8b0:4006:a::a
2607:f8b0:400c:c0f::78
2607:f8b0:4023::84
2607:f8b0:4024:c00::5e
2607:f8b0:4024:c00::5f
2607:f8b0:4024:c01::5e
2607:f8b0:4024:c01::9c
2607:f8b0:4024:c02::64
2607:f8b0:4024:c02::9d
2607:f8b0:4024:c09::84
00fd294c46d27f6cf62b9b348106cff55f80557d485051a08327c9595347aaba
02199a2890aa0cde39202afa1954f0467826487242ab66ff33d1c2905e966898
02ea869e657c4d934285d6012f033b36119154c090ea29d8824152e51d0ac686
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b434b16d97f601e8b5bdc58980ee863ae330d2ec8520a0fa843ecb122d9ed35
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1bbefa9bb88a847d55f5547555b674307fa58f9b34c17e386d63a9326a1c3086
21ce129d30c0a3bdd9756100d241ab64bbe5060b1fd62deecc22c027d8e0d27c
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
2ed4e3a2582066053f30dc25664f386e4d9714b947f2d4028c6d5fb1c099fd1a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37e77dca50f993240ee4e787468fc2422f45cd62da1370ef97d0782ecc862a40
38cd72c9a55360887f61bcee986094f939e9b3c7796855b9d11912e1ae2d0c7f
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
417500ffbbc3a9af0b9f1834ab929a2c9cc931fc7510da64e1c96bd4879e54d5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
48fa50f8622b17f06a45267362e717fb8451779cc78d6d198f264ae9ef8d3abc
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
528dfffee011fcdb177966a7a9e17bbca5995842fa5d27d7f633db245b38cd18
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ccb2f6e1d1d2ac4bf523e40897899fd74626393415dcddb955fca9b6a36c23b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6ac2c45e1e6cfd06282397b5775b2040c6b2181fe8a04d534df72fcf86f41c2a
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
72a679902a39be1923c9deeb12e3744b63ee345afa01b8563afd9a6e2b8b9bb2
77427fa30b2e040935768430ebe77dafa03bce2f7a045c4fff5230f99841d799
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
9713367d7585374f40073b720ec0b0ca428d6caf7db7dfd1eb47fe8299fcf76a
983de16021c17f275be68a5ad52f44a35b33d2cc6441f030c8e062550194f283
9b413106c06a231fbdf3a1ee9afd6ddcd910ef9e060f4dd3ab3801edd27734b0
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a14d9cff5f641558bd194a1f720ea77861c9c24cc4a52cf069993136f0a74c8e
a819fe245d7a3c8f91b58fd7d694d9918a19070ba01c207306fdda8be1c93058
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bd245d065845b2b0d8f318209165607deb6ea96f88a56ccddcb511dd4c177adc
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d2114779b78312a8675bccae497acbabb0c0a7afbde0e940214ada8e848e19b1
d3d4702838c18925d955d1557a257b24efb2e8a9a6b05b5984b55dc27fa1df1b
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d92517692a5a1a0967c24f3a445669c639cadc8bfae5bc7ab83ff2f167555cfb
dc5586cd5ce618d470309ab9bdd3f6c720febfdd03902676855cbd6dd3b9c9e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
f28de173d6c12d8ceb311c01cf791a353c86ac53bbdde7afaea0a1a6f067eaca
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fbff97d87e22db99d6ccbf83cc48eabe78f9087858e32ffc29bffc0f0b2064f7
fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e

pestablog.com Open in urlscan Pro 2606:4700:3037::ac43:92fe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

96 %HTTPS

95 %IPv6

11 Domains

19 Subdomains

18 IPs

1 Countries

3855 kBTransfer

6141 kBSize

8 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pestablog.com Open in urlscan Pro
2606:4700:3037::ac43:92fe Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

96 %
HTTPS

95 %
IPv6

11
Domains

19
Subdomains

18
IPs

1
Countries

3855 kB
Transfer

6141 kB
Size

8
Cookies

81 HTTP transactions
2 data transactions