www.airblog.org Open in urlscan Pro
78.46.71.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airblog.org.admin-eu2.cas.ms/
Effective URL:
https://www.airblog.org/
Submission: On May 08 via api (May 8th 2022, 8:00:03 pm UTC) from US — Scanned from US

Summary HTTP 164 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 38 domains to perform 164 HTTP transactions. The main IP is 78.46.71.241, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.airblog.org.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.

This is the only time www.airblog.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.224.188.157 52.224.188.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:8270	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 54	78.46.71.241 78.46.71.241	24940 (HETZNER-AS) (HETZNER-AS)
2	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2 7	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	23.204.152.208 23.204.152.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:141b:13:... 2600:141b:13::b833:92b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:13:... 2600:141b:13::b833:92b3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
2	2620:116:800b... 2620:116:800b:21:559e:e8a8:8a19:7f11	14618 (AMAZON-AES) (AMAZON-AES)
1	99.80.87.97 99.80.87.97	16509 (AMAZON-02) (AMAZON-02)
1	13.225.231.117 13.225.231.117	16509 (AMAZON-02) (AMAZON-02)
2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
3 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
15 19	141.95.98.69 141.95.98.69	16276 (OVH) (OVH)
1	2600:9000:21e... 2600:9000:21ec:d600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.15.145.115 51.15.145.115	12876 (Online SAS) (Online SAS)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
5	52.211.48.15 52.211.48.15	16509 (AMAZON-02) (AMAZON-02)
1 1	199.187.193.204 199.187.193.204	47043 (SMARTADSE...) (SMARTADSERVER)
3 3	68.67.160.134 68.67.160.134	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	52.22.205.192 52.22.205.192	() ()
4 4	185.167.164.39 185.167.164.39	() ()
4 4	35.211.178.172 35.211.178.172	() ()
4 4	3.233.22.19 3.233.22.19	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
19	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
1 1	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	199.187.193.192 199.187.193.192	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.211.144.1 35.211.144.1	19527 (GOOGLE-2) (GOOGLE-2)
1	54.228.181.56 54.228.181.56	16509 (AMAZON-02) (AMAZON-02)
164	39

1 52.224.188.157 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

airblog.org.admin-eu2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:8270 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 78.46.71.241 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: 1422139.vhosting-it.com

airblog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airblog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81d::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:809::2004 (Staten Island, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.208 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-208.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::b833:92b2 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

csync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::b833:92b3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

csync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (Valence, France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:559e:e8a8:8a19:7f11 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.87.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-87-97.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.231.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-231-117.jfk51.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80b::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 141.95.98.69 (France) 15 redirects

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.211.48.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.204 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.134 (Brooklyn, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 670.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.22.205.192 (None, ) 4 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.39 (None, ) 4 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (None, ) 4 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.233.22.19 (None, ) 4 redirects

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:816::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.192 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.144.1 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 1.144.211.35.bc.googleusercontent.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.181.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-181-56.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	airblog.org 1 redirects airblog.org www.airblog.org	2 MB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	411 KB
19	id5-sync.com 15 redirects id5-sync.com — Cisco Umbrella Rank: 915	27 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	94 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	430 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	41 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 11959 s.cpx.to — Cisco Umbrella Rank: 3183	7 KB
5	bidswitch.net 4 redirects x.bidswitch.net pool.grid-data.bidswitch.net — Cisco Umbrella Rank: 11475	3 KB
5	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 326 secure.adnxs.com — Cisco Umbrella Rank: 612	5 KB
5	smartadserver.com 3 redirects csync-global.smartadserver.com — Cisco Umbrella Rank: 12923 csync-us.smartadserver.com — Cisco Umbrella Rank: 13618 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 893 sync.smartadserver.com — Cisco Umbrella Rank: 2347	2 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931	2 KB
4	eyeota.net 4 redirects ps.eyeota.net	2 KB
4	adform.net 4 redirects c1.adform.net	2 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 447	2 KB
4	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 25011	224 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	110 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432	32 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 170553	50 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1403	633 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 680	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2525	24 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1338 pixel.quantserve.com — Cisco Umbrella Rank: 653	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 24208	6 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 30941	526 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 1060	662 B
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1908	429 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	645 B
1	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 31716	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	1 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1038	280 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1014	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1119	814 B
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2283	184 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 8483	30 KB
1	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 26391	272 B
1	cas.ms airblog.org.admin-eu2.cas.ms	1 KB
164	38

	Domain	Requested by
53	www.airblog.org	www.airblog.org
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	id5-sync.com	15 redirects ced.sascdn.com www.airblog.org ads.themoneytizer.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.airblog.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	www.google.com	2 redirects www.airblog.org www.gstatic.com www.google.com tpc.googlesyndication.com
5	s.cpx.to	p.cpx.to www.airblog.org
5	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
4	ps.eyeota.net	4 redirects
4	x.bidswitch.net	4 redirects
4	c1.adform.net	4 redirects
4	match.prod.bidr.io	4 redirects
4	match.adsrvr.org	3 redirects js-sec.indexww.com
4	ads.themoneytizer.com	www.airblog.org ads.themoneytizer.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	ib.adnxs.com	3 redirects
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	mcasproxy.azureedge.net	airblog.org.admin-eu2.cas.ms mcasproxy.azureedge.net
2	secure.adnxs.com	2 redirects
2	sync.smartadserver.com	1 redirects www.airblog.org
2	image2.pubmatic.com	2 redirects
2	mug.criteo.com	www.airblog.org
2	sync.mathtag.com	2 redirects
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	fonts.googleapis.com	www.airblog.org googleads.g.doubleclick.net
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pool.grid-data.bidswitch.net	www.airblog.org
1	token.rubiconproject.com	www.airblog.org
1	cm.g.doubleclick.net	1 redirects
1	pixel.quantserve.com	www.airblog.org
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rtb-csync.smartadserver.com	1 redirects
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	kvt.sddan.com	ads.themoneytizer.com
1	rules.quantcount.com	secure.quantserve.com
1	api.rlcdn.com	js-sec.indexww.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	csync-us.smartadserver.com	www.airblog.org
1	csync-global.smartadserver.com	1 redirects
1	ced.sascdn.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	airblog.org	1 redirects
1	airblog.org.admin-eu2.cas.ms
164	52

This site contains links to these domains. Also see Links.

Domain
cookiedatabase.org
wordpress.org
envothemes.com

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft RSA TLS CA 01	`2021-10-28` - `2022-10-28`	a year	crt.sh
airblog.org R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2022-03-10` - `2023-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
c.tmyzer.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
kvt.sddan.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-25` - `2023-03-07`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.airblog.org/
Frame ID: C68166F4816B5CBDC01DD16BE17CD24B
Requests: 106 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Frame ID: E5EB47E5DC5039262DC080D7750BAF3D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1652039998307
Frame ID: 97412710600F85BFABE1BDB6FFD8D99F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 1483409890D0C59A71BD8C3F0159F601
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998360&bpp=6&bdt=554&idt=397&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&correlator=5962419915642&frm=20&pv=2&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1lROsstJTW&p=https%3A//www.airblog.org&dtd=431
Frame ID: 4CB7B3829C78EB1BD34D7275165589B1
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=i61e8651mwi4
Frame ID: B9FA4CA49F3486C71C8C5FA035E8E3B9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998366&bpp=4&bdt=560&idt=504&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kUzIBUVUeq&p=https%3A//www.airblog.org&dtd=526
Frame ID: 15CD886E5690CCC7CBE3F311DE27043C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599
Frame ID: 83E8D91F9A721C33B730B334B051C775
Requests: 10 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.airblog.org%2F%3F&id=MTIZ
Frame ID: 62212978737CF2528CDCF87850F5F356
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&adk=318159125&adf=2184669829&lmt=1652010239&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.airblog.org%2F%3F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039999022&bpp=3&bdt=1216&idt=3&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280%2C360x280&nras=1&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=23
Frame ID: A90AC2D4069343B7DD703D23BB84DE62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A67A367D97C8D9909AF307179828DBD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF5A509BEDB8A4E6B8890C68175C3320
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: 4263E15177226B140526DBA0B9FEE06D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: 3135092E5AFA1FC7829FAAA05EE95258
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: EDEEF7FF177E3E9CF79DF43238BDE6BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D78719963AE1530D3B8BB933B9ECA506
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D01B2A450B5B6E91B4057F902322257A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AIRBLOG - ARCHIVIO TECNOLOGICO -close

Page URL History Show full URLs

http://airblog.org.admin-eu2.cas.ms/ Page URL
http://airblog.org/ HTTP 301
https://www.airblog.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

164
Requests

94 %
HTTPS

37 %
IPv6

38
Domains

52
Subdomains

39
IPs

5
Countries

3293 kB
Transfer

5865 kB
Size

37
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiedatabase.org/tcf/purposes/
Title: Per saperne di più su questi scopi

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://envothemes.com/
Title: Envo Magazine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airblog.org.admin-eu2.cas.ms/ Page URL
http://airblog.org/ HTTP 301
https://www.airblog.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://csync-global.smartadserver.com/1097/CookieSync.html HTTP 302
https://csync-us.smartadserver.com/1097/CookieSync.html

Request Chain 91

https://id5-sync.com/i/102/8.gif?id5id=ID5*kB-kPJLB-rS5WRY5sg_rWHzh5S7LKto15jhUV26zQaYRY3fZsAmcn-0roNL7yppT&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=4965946126887743481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/6/3.gif?puid=5270379221808621048&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/3/5/4.gif?puid=71746278-2140-4800-a54c-50d9d4f5f55a&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=43556852-0789-499a-afc5-7cfcb79550c8&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB0rU7E8EMAADwx0bu-zw HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/2/7.gif?puid=3362807224555657461&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/104/1/8.gif?puid=79b1d3e2-6e93-48cd-9530-db20c9ea527a&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

Request Chain 98

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=5270379221808621048&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/7/3.gif?puid=3e246278-2140-4d00-92de-e08a9faf71cf&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=43556852-0789-499a-afc5-7cfcb79550c8&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB0rE7E8EMAADwx0bu-zw HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/2/7.gif?puid=6563487870097915339&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/104/1/8.gif?puid=69cb56ad-9beb-4c23-87c1-536f4431760c&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

Request Chain 103

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=3x_K0XxaYUl2aVNEaC9QL1h1VUM3UmU0djZjT1ZZaDZKTU5TOEliaUh5MUFWZjliMEZQa1VzL3hGQlZTWVVvNi9TRmp4TVJyL3BLSS9keTJrZlZEU1NTU2Z4NStFWE9ST0huaDI5Rmd5dWRVV1F6UmwzWkppNzQvN2Fxa3Q3UjVMeUlWMllodnlXZGZBVVhmRVZQaHljSjRBL3d2NXpPOTJsQk9IQmJDTUpoYWxrcGFIazFOVitjeUJuRjZndnk2VkE3K0lyOVI4Tm1CdHVnNmNlK1dYWFBtd3ZWV2FXRnVkdlcwQlFKdkFFV2doSDlVTXF0UzZlL2hJbFpjRUNrV1h6MGU1fA&cppv=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552&google_gid=CAESEN82OCSL4AmGfBZCkeewoZs&google_cver=1

Request Chain 117

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1FDF7A42-69E0-47D0-8B9C-952AE7E330D8&fid=54daf45e-932c-41b2-89fb-b3064df3f552

Request Chain 119

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0&cklb=1

Request Chain 120

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3Dhttp%253A%252F%252Fairblog.org.admin-eu2.cas.ms%252F%26url%3Dhttps%253A%252F%252Fwww.airblog.org%252F%253F%26hn_ver%3D40%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253Dhttp%25253A%25252F%25252Fairblog.org.admin-eu2.cas.ms%25252F%2526url%253Dhttps%25253A%25252F%25252Fwww.airblog.org%25252F%25253F%2526hn_ver%253D40%2526fid%253D54daf45e-932c-41b2-89fb-b3064df3f552 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=1953263790839771806&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=54daf45e-932c-41b2-89fb-b3064df3f552

Request Chain 121

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=43556852-0789-499a-afc5-7cfcb79550c8&dsp=TTD

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

164 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
airblog.org.admin-eu2.cas.ms/ 1 KB
1 KB 81ms
12ms Document
text/html 52.224.188.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://airblog.org.admin-eu2.cas.ms/

Protocol

HTTP/1.1

Server

52.224.188.157 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

9a5213cf9e6ba5680022244266ded05532e568d7cf682740b169ee681344025b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 08 May 2022 19:59:56 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 1
X-MCAS-Request-Id: 1a7db39620d3b4e9581953b3fe2dbef4
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.14.48/js/ 7 KB
8 KB 63ms
5ms Script
application/javascript 2600:141b:13::17d7:8270
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-store-helper.min.js
Requested by: Host: airblog.org.admin-eu2.cas.ms
URL: http://airblog.org.admin-eu2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8270 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075

Request headers

accept-language: en-US,en;q=0.9
Referer: http://airblog.org.admin-eu2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 19:59:56 GMT
last-modified: Mon, 02 May 2022 12:15:41 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: HzQhQbcTmGXRWSfOLdiXQw==
etag: 0x8DA2C35798FA034
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c175ba0a-201e-0039-2db9-628f8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496150
x-ms-version: 2009-09-19
content-length: 7569

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.14.48/html/ Frame E5EB 281 B
730 B 5ms
4ms Document
text/html 2600:141b:13::17d7:8270
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8270 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Referer: http://airblog.org.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496210
content-length: 281
content-md5: vDuuGHIdcY/gQtnraxH9qw==
content-type: text/html
date: Sun, 08 May 2022 19:59:56 GMT
etag: 0x8DA2C35AC9A45B2
last-modified: Mon, 02 May 2022 12:17:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1bf00724-501e-003d-3cb9-627a0d000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.14.48/js/ Frame E5EB 40 KB
41 KB 6ms
6ms Script
application/javascript 2600:141b:13::17d7:8270
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8270 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 335bc17ea5f91c4585ff408bcd0cd779ffb2668a1d8207394bde38e8537ed0fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 19:59:56 GMT
last-modified: Mon, 02 May 2022 12:15:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: rvb+tkBFoqsvGgzyWOxnDQ==
etag: 0x8DA2C3579502B68
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c175bd19-201e-0039-77b9-628f8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496300
x-ms-version: 2009-09-19
content-length: 41368

GET
H2

200

Primary Request / Show response
www.airblog.org/
Redirect Chain

http://airblog.org/?
https://www.airblog.org/?

100 KB
16 KB

474ms
224ms

Document
text/html

78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PHP/7.4.29 PleskLin
Resource Hash: 6f2d216249fa0403988a11f971042cda8aca1e057434422d93bfa2593ef092ef

Request headers

Referer: http://airblog.org.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 16330
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 19:59:57 GMT
last-modified: Sun, 08 May 2022 11:43:59 GMT
server: nginx
vary: User-Agent
wpo-cache-status: cached
x-powered-by: PHP/7.4.29 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 08 May 2022 19:59:57 GMT
Location: https://www.airblog.org/?
Server: nginx

GET
H2 200 style.min.css
www.airblog.org/wp-includes/css/dist/block-library/ 81 KB
10 KB 137ms
136ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"624ce224-145db"
last-modified: Wed, 06 Apr 2022 00:43:16 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 styles.css
www.airblog.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 142ms
140ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"621dff80-aab"
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 wp-date-remover-public.css
www.airblog.org/wp-content/plugins/wp-date-remover/public/css/ 98 B
374 B 142ms
140ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/wp-date-remover/public/css/wp-date-remover-public.css?ver=1.0.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: gzip
etag: "62-5d6a2e2602c9f-gzip"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 106
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 cookieblocker.min.css
www.airblog.org/wp-content/plugins/complianz-gdpr-premium/assets/css/ 1 KB
689 B 146ms
143ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieblocker.min.css?ver=6.0.14
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8af68f83b12515bf2b6eb71eb160a35765cba6c72bafb2566061b34fbcedb459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"61f413d0-5fd"
last-modified: Fri, 28 Jan 2022 16:03:28 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 40ms
20ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5773246ab9ff5dfb7d8eddde1cba8b596badf0c4414f1b37ce24db69d106c77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 18:57:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 19:59:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 19:59:57 GMT

GET
H2 200 bootstrap.css
www.airblog.org/wp-content/themes/envo-magazine/css/ 66 KB
10 KB 258ms
256ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/bootstrap.css?ver=3.3.7
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"61f3d5e2-10893"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 style.css
www.airblog.org/wp-content/themes/envo-magazine/ 32 KB
6 KB 291ms
288ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/style.css?ver=1.3.12
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f7a2f6732915bf51f4c1c55e0db025e3d106a69d40aa6fb9c28219418f81c922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"61f3d5e2-810c"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 font-awesome.min.css
www.airblog.org/wp-content/themes/envo-magazine/css/ 30 KB
7 KB 268ms
267ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
etag: W/"61f3d5e2-7918"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:59:57 GMT

GET
H2 200 jquery.min.js Show response
www.airblog.org/wp-includes/js/jquery/ 87 KB
30 KB 176ms
174ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-15db1"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.airblog.org/wp-includes/js/jquery/ 11 KB
4 KB 279ms
278ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-2bd8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-date-remover-public.js Show response
www.airblog.org/wp-content/plugins/wp-date-remover/public/js/ 838 B
705 B 291ms
289ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/wp-date-remover/public/js/wp-date-remover-public.js?ver=1.0.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: gzip
etag: "346-5d6a2e2603087-gzip"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 479

GET
H2 200 logo.jpg
www.airblog.org/wp-content/uploads/2019/11/ 13 KB
14 KB 138ms
136ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/11/logo.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b3a66a92ba645a81f3be52f412f621bf7b0cec656dad0ca354840953eb8a2bdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-35bf"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13759
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
55 KB 82ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c27b13f6315c38fbf7e9699aeb846ebccb5c728b6a4525b7791909adf84e2f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55975
x-xss-protection: 0
server: cafe
etag: 3044032818797684310
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 May 2022 19:59:58 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min.jpg
www.airblog.org/wp-content/uploads/2019/01/ 30 KB
30 KB 353ms
341ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: df0af21979edaeac51f768c69a72eb3804fc6425346f171b6839c326a8cdaef4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-766c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30316
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 scoprire-nome-da-indirizzo.jpg
www.airblog.org/wp-content/uploads/2016/07/ 563 KB
564 KB 157ms
144ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/07/scoprire-nome-da-indirizzo.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f0989c5e16cbf933b4473698a865f0023589d2a2021fb516d81bfa3d9bc2988a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e2-8ccc1"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 576705
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-1000x641.jpg
www.airblog.org/wp-content/uploads/2022/01/ 74 KB
74 KB 352ms
340ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-1000x641.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 5e1959636a4c2e11cd8b36ffbbca8e00131fd2e1cc371a6a4e0d65f6f47a6050

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e4-127ab"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 75691
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min-720x311.jpg
www.airblog.org/wp-content/uploads/2019/01/ 26 KB
26 KB 351ms
340ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min-720x311.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8d047bda78f411b89fae57e2cf3a9ae2167985eb4b6534eb26f470397abae8e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-6614"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26132
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 computer-spento-160x120.jpg
www.airblog.org/wp-content/uploads/2019/03/ 4 KB
5 KB 353ms
342ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/03/computer-spento-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8dfa47d90b2c2d2e54b25c23ec95c125a116bb550b8c438bcbd3a4439258519f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-118c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4492
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 only-office-160x120.jpg
www.airblog.org/wp-content/uploads/2021/03/ 4 KB
4 KB 352ms
341ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/03/only-office-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8d47cc1b7cf6a7d253890cd1c86c372ca1cb31d9bcc156193c1fca42e821b987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-ea8"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3752
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 corso-grafica-pubblicitaria-160x120.jpg
www.airblog.org/wp-content/uploads/2021/01/ 4 KB
4 KB 352ms
341ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/01/corso-grafica-pubblicitaria-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 3715d898091d218facfde51025bc504a59b4cc8a6a388061ae0af810fc2678dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-eca"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3786
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min-160x120.jpg
www.airblog.org/wp-content/uploads/2019/01/ 5 KB
5 KB 352ms
342ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8c74567dc7b8ad6305d04a844576b6d80b53fae701e2f3072b1dee98ecb26794

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-125a"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4698
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-160x120.jpg
www.airblog.org/wp-content/uploads/2022/01/ 5 KB
5 KB 353ms
343ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 53a876a4f4b7d9b7437e5c21bc37146d0980d4d21444365038f3df443154e950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e4-1468"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5224
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 scala40-720x405.jpg
www.airblog.org/wp-content/uploads/2021/05/ 48 KB
48 KB 352ms
343ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/05/scala40-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 7cc134912df21850088036f583fbfeefb6baa7a2a5bdbf253b8d024ae6a56e4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-c0ec"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49388
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 fortnite-come-sbloccare-fase-quattro-skin-prigioniero-v3-364951-1280x720-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 50 KB
50 KB 353ms
344ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/fortnite-come-sbloccare-fase-quattro-skin-prigioniero-v3-364951-1280x720-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: d153888853d763598eab808a0b1de15c8a710a958191cead9288b2e76c8fc3f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-c7f3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 51187
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 fortnite-capitolo-2-trailer-di-lancio-1200x630-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 68 KB
68 KB 351ms
344ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/fortnite-capitolo-2-trailer-di-lancio-1200x630-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 319f22513aa812f96bf8b5dbb6c9e493dd01c197b7818a549b91c8140d88888b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-10f1c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69404
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 buco-nero-fortnite-arriva-proposta-pornhub-utenti-v3-405260-1280x720-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 6 KB
6 KB 350ms
343ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/buco-nero-fortnite-arriva-proposta-pornhub-utenti-v3-405260-1280x720-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 6fe859cc9b0b4c24daf635f4203f7e6c92230369ad24686616f64b8a3dffa26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-18b5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6325
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 spongebob-nuovo-videogioco-720x405.jpg
www.airblog.org/wp-content/uploads/2019/09/ 60 KB
60 KB 351ms
345ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/09/spongebob-nuovo-videogioco-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 976ce9d9acb9658e97840767d7ba2988a7e405c6b65d09331859c820791c1c4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-eee0"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61152
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 Fortnite-720x405.jpg
www.airblog.org/wp-content/uploads/2019/09/ 64 KB
64 KB 352ms
346ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/09/Fortnite-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b187e1e9324f0295eb618a1639815f27538926a181f86c3a4a1e9e76f7282157

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-100e3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65763
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 iphone-12-fotocamera-come-funziona-720x405.jpg
www.airblog.org/wp-content/uploads/2021/05/ 54 KB
54 KB 351ms
345ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/05/iphone-12-fotocamera-come-funziona-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 514d168fcfac4a69ed0fbe1508eec4a7a66a465456149ed2c294f59035e908b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-d8a5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55461
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 cartucce-stampante-160x120.jpg
www.airblog.org/wp-content/uploads/2020/08/ 4 KB
4 KB 352ms
346ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/08/cartucce-stampante-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f641acb5aef9ad3c1795e08ab4b07b11abab1bf27a46fc0ee0a09bdc5400f55e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-f77"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3959
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 erp-160x120.jpg
www.airblog.org/wp-content/uploads/2020/07/ 5 KB
6 KB 526ms
520ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/07/erp-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 25a9b61a13f84c11ed5ae966543a5850d29fa31725b68733c140801bcbe637bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-156d"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5485
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 immuni-app-coronavirus-160x120.jpg
www.airblog.org/wp-content/uploads/2020/04/ 6 KB
6 KB 352ms
347ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/04/immuni-app-coronavirus-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: af3ce861484039c35a1811f0b24c2073a3885273954c8bbc16c53815cc2c8f96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-1850"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6224
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 Migliori-Smartphone-2019-696x392-160x120.jpg
www.airblog.org/wp-content/uploads/2019/03/ 6 KB
7 KB 352ms
347ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/03/Migliori-Smartphone-2019-696x392-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: fddbd81c9f8ae7dbaaf16aec67e5db4e4707aa06ca062737eedc13c5e115f112

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-19b3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6579
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 windows-10-novit-settimana-scaricare-installare-conviene-subito-o-aspettare-problemi-soluzioni-primo-aggiornamento-a-breve.jpg
www.airblog.org/wp-content/uploads/2016/10/ 38 KB
38 KB 353ms
348ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/10/windows-10-novit-settimana-scaricare-installare-conviene-subito-o-aspettare-problemi-soluzioni-primo-aggiornamento-a-breve.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 4db5040b38ec7a9aa5e7f7200e540a5b2e3c6f7ff8f027bb45acb98de8b41205

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e2-9839"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38969
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 seleziona-tutti-su-facebook.jpg
www.airblog.org/wp-content/uploads/2016/05/ 112 KB
112 KB 353ms
348ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/05/seleziona-tutti-su-facebook.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 1dcb7b0b76d8b08d2c572f9df3b28aefb7b29a35f04812dcdcb91a0ef87a0f6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e2-1bf6d"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 114541
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 39 KB
39 KB 531ms
526ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b5c62131a0575cca97da8d53cecf82538ec888c994bed1134bf929a674dacd87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e4-9bcd"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39885
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 Tutti-pazzi-per-il-dropshipping-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 47 KB
48 KB 527ms
522ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/Tutti-pazzi-per-il-dropshipping-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 9a297de328634be2246c3dbef0c619d1cf8d4858e592baedbd712041898df72b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e4-bd3e"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48446
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 analisi-dei-competitor-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 48 KB
48 KB 527ms
522ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/analisi-dei-competitor-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 6c924400dc0bafd7bc6e33c58502800262426bc2696b6995dff4189261ec17de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e4-be9a"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48794
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 corsi-di-fotografia-720x405.jpg
www.airblog.org/wp-content/uploads/2022/02/ 47 KB
48 KB 526ms
522ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/02/corsi-di-fotografia-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8de58826e0ea4c15255efaf99058147349aaa938684ed7d9bcc77788ee5daa94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "6200fefc-bdce"
last-modified: Mon, 07 Feb 2022 11:14:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48590
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 ddos-attack-800x500_c.jpg
www.airblog.org/wp-content/uploads/2017/01/ 54 KB
55 KB 525ms
521ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2017/01/ddos-attack-800x500_c.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: a23682dd7421e99919fc31901326d5e9d9d0cd722ae8e55afed0549a93a97e05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e2-d9d3"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55763
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 antivirus-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 16 KB
16 KB 530ms
526ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/antivirus-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 98e8d18ad3a3ccd09313b477fe69971f58850834e52fba04bf733d7e4113cc11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-4105"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16645
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 gadget-marketing-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 48 KB
49 KB 527ms
523ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/gadget-marketing-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 0897bd600f16f8867b46fdb9058e820bfa6cc1bdf01a1975219b553c7a7fc2d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-c1bf"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49599
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 agenzia-seo-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 19 KB
20 KB 524ms
520ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/agenzia-seo-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: fc5166447e6081f9e7260b18e7b982af56cfb0c252e2f25575d3d49181a8f3d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
etag: "61f3d5e3-4dc5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19909
expires: Mon, 08 May 2023 19:59:58 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 53ms
7ms Script
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
server: nginx
x-hw: 1652039998.cds087.ny3.hn,1652039998.cds218.ny3.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2073

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 67 KB
13 KB 33ms
8ms Script
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a00fd4974dcbb8c4d9c62d6d91b2f0a2ba3a18caad457cf87c2e6d7eb182759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
server: nginx
x-hw: 1652039998.cds087.ny3.hn,1652039998.cds232.ny3.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12739

GET
H2 200 regenerator-runtime.min.js Show response
www.airblog.org/wp-includes/js/dist/vendor/ 6 KB
2 KB 118ms
117ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e4-195e"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
www.airblog.org/wp-includes/js/dist/vendor/ 19 KB
7 KB 129ms
126ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e4-4b3d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
www.airblog.org/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 125ms
122ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"621dff80-25f8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
www.airblog.org/wp-content/themes/envo-magazine/js/ 7 KB
2 KB 145ms
142ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/js/bootstrap.min.js?ver=3.3.7
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e2-1c20"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 customscript.js Show response
www.airblog.org/wp-content/themes/envo-magazine/js/ 4 KB
867 B 142ms
139ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/js/customscript.js?ver=1.3.12
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: ea4e05b419e4603038c3140f01d23296d4981e4f4a0107a7d9d2bf781acef11c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e2-e8b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 52ms
28ms Script
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&ver=3.0

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0b12ed38dbb008349e5e39981d20acf4a4062ac5ad38bac3ea35ca3f80da430

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 19:59:58 GMT

GET
H2 200 index.js Show response
www.airblog.org/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
733 B 142ms
140ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
etag: "3e7-5d9263bdf9b64-gzip"
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 507

GET
H2 200 complianz.min.js Show response
www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/ 40 KB
9 KB 529ms
525ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: c8c9b01c729ee2da404f2d4f1cc65c5397ee4efc4d6d67c7441cc31fb09e303d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 16:03:29 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f413d1-9fd2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
www.airblog.org/wp-includes/js/ 18 KB
5 KB 528ms
524ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-4705"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 35ms
7ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:31 GMT
x-content-type-options: nosniff
age: 423687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:18:31 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 30ms
5ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:19:25 GMT
x-content-type-options: nosniff
age: 423633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:19:25 GMT

GET
H2 200 fontawesome-webfont.woff2
www.airblog.org/wp-content/themes/envo-magazine/fonts/ 75 KB
76 KB 480ms
479ms Font
font/woff2 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: "61f3d5e2-12d68"
content-type: font/woff2
accept-ranges: bytes
content-length: 77160

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:19:20 GMT
x-content-type-options: nosniff
age: 423638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:19:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 11ms
9ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
x-hw: 1652039998.cds087.ny3.hn,1652039998.cds231.ny3.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 16267

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 393ms
90ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=71732&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 May 2022 19:59:41 GMT
Server: nginx
X-IPLB-Request-ID: 05B5EA84:BD3C_36264064:01BB_6278213E_1325D97B:17571
X-IPLB-Instance: 38439
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 92 KB
30 KB 61ms
6ms Script
application/javascript 23.204.152.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.208 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c95fbf9e1dab750326a1d2e0dbdff3d091b0695fcefea56f0ff403496c940a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:59:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 30818
Expires: Sun, 08 May 2022 20:14:58 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 53ms
19ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:57 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 2484
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H/1.1

200
OK

CookieSync.html Show response
csync-us.smartadserver.com/1097/
Redirect Chain

https://csync-global.smartadserver.com/1097/CookieSync.html
https://csync-us.smartadserver.com/1097/CookieSync.html

0
0

88ms
29ms

Script
text/html

2600:141b:13::b833:92b3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-us.smartadserver.com/1097/CookieSync.html
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Server: 2600:141b:13::b833:92b3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Location: https://csync-us.smartadserver.com/1097/CookieSync.html
Date: Sun, 08 May 2022 19:59:58 GMT
Cache-Control: private, max-age=86400
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Mon, 09 May 2022 19:59:58 GMT

GET
H2 204 mapper.js Show response
spl.zeotap.com/ 0
184 B 73ms
39ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7084c765b87e17a1-EWR
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 423ms
84ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:59:58 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 05B5EA84:CA98_91EFC133:01BB_6278213E_ECAFB828:17AA7
ETag: "6167dbf8-15ab"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9741 2 KB
814 B 151ms
47ms Document
text/html 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1652039998307

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 83ms
14ms Script
application/javascript 2620:116:800b:21:559e:e8a8:8a19:7f11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 15 May 2022 19:59:58 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12771/ 2 KB
2 KB 377ms
87ms Script
application/javascript 99.80.87.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12771/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.87.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-87-97.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b7c2f6897797b91368989fdf497f734262181ada58b8003b3e9295e2348c9337

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:59:58 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 281ms
7ms Script
text/javascript 13.225.231.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.231.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-231-117.jfk51.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 05:58:45 GMT
Via: 1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 50479
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: JFK51-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: qbgDkEqYoUQilMkGV1L5Ig9kyr9qOrm3NU8SgGFUjQy27UxOLE0Aog==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 59ms
6ms Script
text/javascript 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:59:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 May 2022 19:11:07 GMT
Server: Apache
ETag: "76340d-930b-5de84da95c799"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=952
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sun, 08 May 2022 20:15:50 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/ 650 KB
194 KB 12ms
9ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 551ba1ecbe0bbb90ff6dc576dc32dec584bea60f694faa0b39fe66166e7d3818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 08:55:45 GMT
server: nginx
etag: "62208291-a2793"
x-hw: 1652039998.cds087.ny3.hn,1652039998.cds127.ny3.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 197945

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/ 304 KB
109 KB 52ms
38ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d33e951249803732cb79d933712d9ed7371cdeb030a1bc4f598463c768078a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111206
x-xss-protection: 0
server: cafe
etag: 8234552034508428205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 19:59:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 1483 10 KB
5 KB 22ms
4ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 14:50:17 GMT
etag: 1428802124239944296
expires: Sun, 22 May 2022 14:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 360 KB
143 KB 64ms
5ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145286
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 54ms
10ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 5cf783805a09c64f3734d0c010755b2e0cd4418a8d2b95057fcc8121dbf9c1c6

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.airblog.org
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 07 Jun 2022 19:59:58 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
280 B 76ms
32ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 453 B
1 KB 267ms
87ms XHR
application/json 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

b08040ee5c03d71056c89581fc082a190ec26bf05074a77876d37623a1cddc8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.airblog.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 49ms
7ms Script
application/javascript 2600:9000:21ec:d600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:20:45 GMT
content-encoding: gzip
age: 2354
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: 9zOBb9suB2yGs8nQfQpMqFP18mE3GA2b6ROwdHgazrl7a21a33GW9g==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 58ms
16ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2352048
x-amz-request-id: tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2: tx0c810f9b689a43feb0d6c-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRo7tLkmk3fPUB5GV9tsdVOga74D%2FrRa2SIu8vuF9F12xdYW5BeXviU%2B7cYv4jkbb%2BU0uQBcb8jvffxx9lf2Qujf4Gf5JRS0xye4TFoqfsfsDqv1rytk%2BhXpfr55dEiPFvz7ooJvYq66OZVE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1649687875786561
cf-ray: 7084c7682d438c1e-EWR

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 4 KB
2 KB 257ms
82ms XHR
application/json 51.15.145.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https://www.airblog.org/?

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-115.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

db0037fc89f3ffe6f3742f500760ec2bc6b965f4039ad9b8a524bfd4418c7e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 08 May 2022 19:59:58 GMT
Content-Encoding: gzip
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.airblog.org
Cache-Control: private, max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 48ms
20ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.airblog.org&callback=_gfp_s_&client=ca-pub-3877282152808880

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

c92a2861eb9a10cb66fc22873e9172f6e4c23b77a1274c1e9134443471e7bed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 49ms
24ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.airblog.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 19:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CB7 69 KB
28 KB 448ms
432ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998360&bpp=6&bdt=554&idt=397&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&correlator=5962419915642&frm=20&pv=2&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1lROsstJTW&p=https%3A//www.airblog.org&dtd=431

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

811d0f2b87626ccb1075cd2b71c63dfc4edc5242ac9e7fa0225d3aeca7b4493a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28500
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:59:59 GMT
expires: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B9FA 41 KB
21 KB 68ms
52ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=i61e8651mwi4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dded581e868c0f7b376ace7d2cc07429828c99fd5cdfeade0f6bfa62e150c56d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MRAl5ujeGmAxdEqpo/JG+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21710
content-security-policy: script-src 'report-sample' 'nonce-MRAl5ujeGmAxdEqpo/JG+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:59:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15CD 81 KB
30 KB 474ms
474ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998366&bpp=4&bdt=560&idt=504&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kUzIBUVUeq&p=https%3A//www.airblog.org&dtd=526

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea8eea7186bf999d279a5762343dd29cc732d25e328c8de2dbec404e649b0184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:59:59 GMT
expires: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 1 KB
2 KB 354ms
84ms Script
application/javascript 52.211.48.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12771&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=54daf45e-932c-41b2-89fb-b3064df3f552

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ffb3ed31aaae24721ed5d7465048974bc90b32e40eefd57debbbe1841e3e580d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:59:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1063
Expires: Tue, 22 Mar 2022 17:28:09 UTC

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
429 B 52ms
28ms XHR
text/plain 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.airblog.org%2F%3F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 08 May 2022 19:59:58 GMT
X-AK-INITIAL-GEO: CC:[US], RC:[NY], CN:[NA], CIP:[5.181.234.132], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.airblog.org
X-CS-CLIENT-GEO: 01
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 01
Expires: Sun, 08 May 2022 19:59:58 GMT

GET
H/1.1

200

9.gif
id5-sync.com/c/102/123/0/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*kB-kPJLB-rS5WRY5sg_rWHzh5S7LKto15jhUV26zQaYRY3fZsAmcn-0roNL7yppT&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=4965946126887743481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/6/3.gif?puid=5270379221808621048&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/102/3/5/4.gif?puid=71746278-2140-4800-a54c-50d9d4f5f55a&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=43556852-0789-499a-afc5-7cfcb79550c8&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5
https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB0rU7E8EMAADwx0bu-zw
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/2/7.gif?puid=3362807224555657461&gdpr=0&gdpr_consent=
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/104/1/8.gif?puid=79b1d3e2-6e93-48cd-9530-db20c9ea527a&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

43 B
2 KB

85ms
84ms

Image
image/gif

141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:00:01 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=
Date: Sun, 08 May 2022 20:00:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83E8 96 KB
31 KB 404ms
403ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469d07f6d0b2cf992c0f5ca15b10db23b3a01d35d12e6c00858873d3a8bb06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31576
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:59:59 GMT
expires: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 312ms
5ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 00:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 00:33:34 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 6221 0
247 B 87ms
86ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.airblog.org%2F%3F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Sun, 08 May 2022 19:59:59 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 29922
X-IPLB-Request-ID: 05B5EA84:CA98_91EFC133:01BB_6278213E_ECAFB845:17AA7

GET
H2 200 pixel;r=2138348017;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.airblog.org%2F%3F;ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-21359...
pixel.quantserve.com/ 35 B
373 B 19ms
18ms Image
image/gif 2620:116:800b:21:559e:e8a8:8a19:7f11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2138348017;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.airblog.org%2F%3F;ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-21359165-1652039999014;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=airblog.org;je=0;sr=1600x1200x24;dst=0;et=1652039999014;tzo=0;ogl=title.AIRBLOG%20-%20ARCHIVIO%20TECNOLOGICO%2Cdescription.%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eairblog%252Eorg%2F%2Csite_name.AIRBLOG%20-%20ARCHIVIO%20TECNOLOGICO

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 36ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx8bbc4abbbd4a48b2a713b-006276132c
x-amz-id-2: tx8bbc4abbbd4a48b2a713b-006276132c
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrfNcGBkdrSHa6U87u1cEB3AXxkKo6rCFSodsTlhuiKemNkXZeUl7fMr7UTR%2BHz063jf6N9DpNBILyHFzg5yEQFRlHH%2F7homxWNYVaPP75Cyew4pmZreAa7VEodOPnHqBhkTgCZiCKT3F53m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1649687874851815
cf-ray: 7084c769f8be32d9-EWR
access-control-allow-headers: Authorization

GET
H2 200 banner Show response
www.airblog.org/wp-json/complianz/v1/ 124 B
460 B 901ms
900ms XHR
application/json 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airblog.org/wp-json/complianz/v1/banner?lang=it&locale=it_IT&token=bqdiu

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

1422139.vhosting-it.com

Software

nginx / PHP/7.4.29, PleskLin

Resource Hash

7113196619fd9ddf95ab6975a259b6eb5ed973adebf5eb1d4185d18233889b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.airblog.org/?
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
link: <https://www.airblog.org/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.29, PleskLin
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H/1.1

200

9.gif
id5-sync.com/c/102/123/0/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=5270379221808621048&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
https://id5-sync.com/c/12/3/7/3.gif?puid=3e246278-2140-4d00-92de-e08a9faf71cf&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=43556852-0789-499a-afc5-7cfcb79550c8&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5
https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB0rE7E8EMAADwx0bu-zw
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/2/7.gif?puid=6563487870097915339&gdpr=0&gdpr_consent=
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/104/1/8.gif?puid=69cb56ad-9beb-4c23-87c1-536f4431760c&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

43 B
2 KB

88ms
87ms

Image
image/gif

141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:00:01 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/102/123/0/9.gif?puid=180a541e9a7-2d340000010a59de&gdpr=0&gdpr_consent=
Date: Sun, 08 May 2022 20:00:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
98ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.airblog.org%2F%3F&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A90A 0
19 B 59ms
58ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&adk=318159125&adf=2184669829&lmt=1652010239&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.airblog.org%2F%3F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039999022&bpp=3&bdt=1216&idt=3&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280%2C360x280&nras=1&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:59:59 GMT
expires: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame B9FA 51 KB
24 KB 23ms
10ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=i61e8651mwi4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame B9FA 360 KB
142 KB 19ms
6ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145286
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=3x_K0XxaYUl2aVNEaC9QL1h1VUM3UmU0djZjT1ZZaDZKTU5TOEliaUh5MUFWZjliMEZQa1VzL3hGQlZTWVVvNi9TRmp4TVJyL3BLSS9keTJrZlZEU1NTU2Z4NStFWE9ST0huaDI5Rmd5dWRVV1F6UmwzWkppNzQvN2Fxa3...

366 B
622 B

36ms
12ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3x_K0XxaYUl2aVNEaC9QL1h1VUM3UmU0djZjT1ZZaDZKTU5TOEliaUh5MUFWZjliMEZQa1VzL3hGQlZTWVVvNi9TRmp4TVJyL3BLSS9keTJrZlZEU1NTU2Z4NStFWE9ST0huaDI5Rmd5dWRVV1F6UmwzWkppNzQvN2Fxa3Q3UjVMeUlWMllodnlXZGZBVVhmRVZQaHljSjRBL3d2NXpPOTJsQk9IQmJDTUpoYWxrcGFIazFOVitjeUJuRjZndnk2VkE3K0lyOVI4Tm1CdHVnNmNlK1dYWFBtd3ZWV2FXRnVkdlcwQlFKdkFFV2doSDlVTXF0UzZlL2hJbFpjRUNrV1h6MGU1fA&cppv=2

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

8bffce065a4c8dd969a8d6d45c711ab188f16bbe240d47667a018bafcfb89c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2506
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
location: https://mug.criteo.com/sid?cpp=3x_K0XxaYUl2aVNEaC9QL1h1VUM3UmU0djZjT1ZZaDZKTU5TOEliaUh5MUFWZjliMEZQa1VzL3hGQlZTWVVvNi9TRmp4TVJyL3BLSS9keTJrZlZEU1NTU2Z4NStFWE9ST0huaDI5Rmd5dWRVV1F6UmwzWkppNzQvN2Fxa3Q3UjVMeUlWMllodnlXZGZBVVhmRVZQaHljSjRBL3d2NXpPOTJsQk9IQmJDTUpoYWxrcGFIazFOVitjeUJuRjZndnk2VkE3K0lyOVI4Tm1CdHVnNmNlK1dYWFBtd3ZWV2FXRnVkdlcwQlFKdkFFV2doSDlVTXF0UzZlL2hJbFpjRUNrV1h6MGU1fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1644
content-length: 509
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 447 B
1 KB 141ms
85ms XHR
application/json 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

faada41ff5a88fab6135e6e3d240568024128c6b004482a00e92d0fc9bccd4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.airblog.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
27ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.airblog.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 May 2022 19:59:58 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1151
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B9FA 2 KB
2 KB 7ms
6ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 07 May 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 108016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 14 May 2022 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B9FA 15 KB
15 KB 11ms
11ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 446408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B9FA 15 KB
15 KB 7ms
6ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 05:01:07 GMT
x-content-type-options: nosniff
age: 485932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 05:01:07 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B9FA 102 B
134 B 24ms
23ms Other
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bc743d17c186c38b92abb843291a40dd420c60371b1c1c7d81686d076b6e1ae2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=i61e8651mwi4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H2 200 2912487628672031011
tpc.googlesyndication.com/simgad/ Frame 4CB7 25 KB
26 KB 27ms
6ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2912487628672031011?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnZCRJL5Z6nLGb9aO77lnSvtSNEFw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998360&bpp=6&bdt=554&idt=397&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&correlator=5962419915642&frm=20&pv=2&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1lROsstJTW&p=https%3A//www.airblog.org&dtd=431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f6bf86cde6fd25e526539a5c70d1f7af4eac679d28aebbcc8f1eda26c8bbdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 07 May 2022 03:11:33 GMT
x-content-type-options: nosniff
age: 146906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26032
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 20:06:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 May 2023 03:11:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 4CB7 19 KB
8 KB 25ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4CB7 3 KB
1 KB 19ms
5ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:57:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CB7 120 KB
37 KB 105ms
68ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4CB7 15 KB
6 KB 20ms
5ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4CB7 30 KB
12 KB 23ms
10ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 08:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:26:45 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552
https://s.cpx.to/ca.png?dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552&google_gid=CAESEN82OCSL4AmGfBZCkeewoZs&google_cver=1

95 B
804 B

147ms
84ms

Image
image/png

52.211.48.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552&google_gid=CAESEN82OCSL4AmGfBZCkeewoZs&google_cver=1

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:59:59 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=54daf45e-932c-41b2-89fb-b3064df3f552&google_gid=CAESEN82OCSL4AmGfBZCkeewoZs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1FDF7A42-69E0-47D0-8B9C-952AE7E330D8&fid=54daf45e-932c-41b2-89fb-b3064df3f552

95 B
881 B

164ms
87ms

Image
image/png

52.211.48.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1FDF7A42-69E0-47D0-8B9C-952AE7E330D8&fid=54daf45e-932c-41b2-89fb-b3064df3f552

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:59:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:59:59 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1FDF7A42-69E0-47D0-8B9C-952AE7E330D8&fid=54daf45e-932c-41b2-89fb-b3064df3f552
date: Sun, 08 May 2022 19:59:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
662 B 77ms
13ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=2c3462c70a55929d&gdpr=0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0&cklb=1

0
75 B

39ms
39ms

Image
text/plain

199.187.193.192
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0&cklb=1
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Server: 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=54daf45e-932c-41b2-89fb-b3064df3f552&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3Dhttp%253A%252F%252Fairblog.org.admin-eu2.cas.ms%252F%26url%3Dhttps%253A%252F%252Fwww....
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253Dhttp%25253A%25252F%25252Fairblog.org.admin-eu2.cas....
https://s.cpx.to/an_fire?app_nexus_uid=1953263790839771806&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=54daf45e-932c-41b2-89fb-b...

95 B
865 B

201ms
84ms

Image
image/png

52.211.48.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=1953263790839771806&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=54daf45e-932c-41b2-89fb-b3064df3f552

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:59:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:59:59 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 08 May 2022 19:59:59 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 04ee90ff-e9d1-408a-b9c2-fc2eb47fdec3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=1953263790839771806&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=54daf45e-932c-41b2-89fb-b3064df3f552
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=43556852-0789-499a-afc5-7cfcb79550c8&dsp=TTD

95 B
876 B

85ms
84ms

Image
image/png

52.211.48.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=43556852-0789-499a-afc5-7cfcb79550c8&dsp=TTD

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-48-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:59:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:59:59 UTC

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:59:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=43556852-0789-499a-afc5-7cfcb79550c8&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 400
Bad Request sync
pool.grid-data.bidswitch.net/ 43 B
244 B 95ms
24ms Image
image/gif 35.211.144.1
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.144.1 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 1.144.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:59:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 15CD 4 KB
618 B 40ms
24ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998366&bpp=4&bdt=560&idt=504&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kUzIBUVUeq&p=https%3A//www.airblog.org&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 19:01:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 19:59:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 15CD 2 KB
904 B 32ms
11ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:48:59 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 15CD 19 KB
8 KB 27ms
7ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 15CD 3 KB
1 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:57:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15CD 120 KB
37 KB 92ms
55ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 15CD 15 KB
6 KB 25ms
5ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 15CD 30 KB
12 KB 11ms
11ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Thu, 05 May 2022 20:56:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 00:38:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4CB7 0
0 79ms
76ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5BPVPiF4YoKFM_CEoPMPxZSjsAXs88vnadWJ2_WYD4HP27uBHxABIPSHlShgycapi8Ck2A-gAdfJzuEDyAECqAMByAPJBKoEzwFP0B5uqy1-eRM6w8VNRtVCJxYJXmoPCekF4t03gKmRXjQ4qWraPRldZTNevicyecXzleRbizcvNqKRLGbBb6k_so-rBtGcPL1lvaYQzpQUmpdGPKnmkVFexMHnbGDIwTPXrLbjQm5apZnrgc9B16KyMEyin9mp2hctcPYiUp51klFMFZlHiTOcWG5HUvIcpA-r0yuit-rq73kqtygxtoXAeMxrM2nutWZpb7L7C79ZrThQMjNY1S0MQC88nCmGXnNb-6b24V8rbeqGRG2MaqPABI_9za_zA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeRtrEeqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwtsY0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODc3MjgyMTUyODA4ODgwGAA&sigh=C7yXkTAFF7k&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998360&bpp=6&bdt=554&idt=397&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&correlator=5962419915642&frm=20&pv=2&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1lROsstJTW&p=https%3A//www.airblog.org&dtd=431
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H3 200 4666074985318254179
tpc.googlesyndication.com/simgad/ Frame 83E8 63 KB
63 KB 13ms
12ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4666074985318254179?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLaxMXKc_gGL_MazasRB1QiXe4kQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

872b0b6c9a823b2e0d425b8b4136335864d7386c6bcd308a940d78de134ee79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:16:54 GMT
x-content-type-options: nosniff
age: 171785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64906
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 23:32:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 May 2023 20:16:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 83E8 19 KB
8 KB 10ms
8ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 83E8 3 KB
1 KB 11ms
8ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:57:51 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 83E8 67 B
91 B 11ms
8ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 29488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 09 May 2022 11:48:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 83E8 15 KB
6 KB 8ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83E8 120 KB
37 KB 46ms
27ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:59:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 83E8 30 KB
12 KB 10ms
7ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 08:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:26:45 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 46ms
10ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 May 2022 19:59:59 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1409
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15CD 0
0 76ms
74ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXbslPiF4YtqSONGZoPMP3vuI8AvV15T2afWz4JDoDtrZHhABIPSHlShgycapi8Ck2A-gAdKyztsDyAEJqAMByAPLBKoEzgFP0Eah8DvuKsiZNGP2K1tur8fvKrZ-IXjrIMcBxMwCOuAharxeXy9QTck2mm11gmUdfeOwdMpx0srGTKCkzLkgZz0hp5ctv8nlh4-xXuWxpTmwIb9XD5j2Q8yuSYgOd09GjuDiKlnZSCmnUjGHRIJKVjfbYZHkOka1uE77lWdCtZXfgdcabcPPwkzISDq94BCUMwYl146GWKJW-9KCvk3cwmFUgcxml63IIS65PRgYYJQNGojmMyKE_9DCt3QsdwcWc72ijN4pYZCC5K_53cAEr5Pz4eEDkgUECAQYAZIFBAgFGASgBi6AB5bNsSSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCOpTHSCAcIgGEQARgfgAoByAsBuBOIJ9gTDYgUCNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODc3MjgyMTUyODA4ODgwGAA&sigh=XxpE6PKtwX4&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998366&bpp=4&bdt=560&idt=504&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kUzIBUVUeq&p=https%3A//www.airblog.org&dtd=526
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16759361270505574265/ Frame 15CD 11 KB
11 KB 15ms
7ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16759361270505574265/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd727658a2be403db031e21bc2c5b419eaeca892c5fbff190a91de6e923d348e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:53:28 GMT
x-content-type-options: nosniff
age: 475591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11295
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 00:19:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 May 2023 07:53:28 GMT

GET
DATA 200
OK truncated
/ Frame 15CD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 83E8 0
0 77ms
75ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIQwtPiF4YuH0PLeFoPMPu7eukAbuv9nbadrF25eSD_iloKDeIRABIPSHlShgycapi8Ck2A-gAaaJ64wDyAECqAMByAPJBKoEyQFP0PbftPyGBFhNDER5gtHKK7LyYryQTXiNIj0TCdSv10tUdeolwzANdMpv7hQUG0188Rlq8eNH0uQaPCXAdLTOPbHUVX0HihCJ8IsCd7i3-ENOyLsz80aXI6WJ-qYWlyKQMRF2b73i-7b29LE9cT3Z5xPOHZUSOkkNqJzrq-aTIe_KRawPaPS6YdeWZ-32zjs3ydi8ibwHwjPMGzZm9vGBukeN_jwI1h2_xl4O_2YgKR2JvDhaW14-oTR_5xt7mHck4L9YIITtvZrABI24_uzwA5IFBAgEGAGSBQQIBRgEoAYCgAee4oA3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkOwY0ggHCIBhEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zODc3MjgyMTUyODA4ODgwGAA&sigh=JvQbwMQ7ay0&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:59:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A67 143 B
163 B 8ms
7ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998360&bpp=6&bdt=554&idt=397&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&correlator=5962419915642&frm=20&pv=2&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1lROsstJTW&p=https%3A//www.airblog.org&dtd=431
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 19:28:04 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
526 B 496ms
207ms XHR
application/x-javascript 54.228.181.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.181.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-181-56.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 May 2022 20:00:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 May 2022 20:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.airblog.org
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF5A 143 B
163 B 5ms
4ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 19:28:04 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B9FA 31 KB
18 KB 53ms
53ms XHR
application/json 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5d1385d6f6271da616fece4e37d5d6f52eae89c408361bf0c2a31a3b66c4ce7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=i61e8651mwi4
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 08 May 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18067
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 19:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 15CD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac68c43f45aca8ce195c6020b56a46159885ded1c00261ad0987d5c1add732a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 83E8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a707075d39f97393cbe0ade945ed7a37d0a678f708532257475f0f31bc4cb4c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4CB7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a44b09b31f7cc1c0147713de87cf244bdba839c40f86c09d4f8d8a282af9e5d8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 15CD 16 KB
16 KB 8ms
7ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:09:49 GMT
x-content-type-options: nosniff
age: 71410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 08 May 2023 00:09:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 15CD 15 KB
15 KB 13ms
9ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 16:23:56 GMT
x-content-type-options: nosniff
age: 444963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 16:23:56 GMT

GET
H2 200 banner-1-optin.css
www.airblog.org/wp-content/uploads/complianz/css/ 15 KB
3 KB 138ms
118ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/uploads/complianz/css/banner-1-optin.css?v=16
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 1cca84cc7aec73c47305daaa71a0529ac7771484c0e5cf2199f0e7f66a4bab1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:00:00 GMT
content-encoding: br
etag: W/"61f576a3-3cce"
last-modified: Sat, 29 Jan 2022 17:17:23 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 20:00:00 GMT

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4263 35 KB
13 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 15:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:55:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A67
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

25ms
25ms

Document
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:00:00 GMT
expires: Sun, 08 May 2022 20:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:00:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3135 35 KB
13 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 15:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:55:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF5A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
41ms

Document
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:00:00 GMT
expires: Sun, 08 May 2022 20:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:00:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame EDEE 35 KB
13 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039998370&bpp=2&bdt=564&idt=586&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=5962419915642&frm=20&pv=1&ga_vid=1570139835.1652039999&ga_sid=1652039999&ga_hid=190256670&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44762585%2C31065544&oid=2&pvsid=487689601870731&pem=704&tmod=501506618&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-eu2.cas.ms%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=W6r2pHOrXU&p=https%3A//www.airblog.org&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 15:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:55:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CB7 42 B
64 B 36ms
25ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4kw4wlXjapRbFGTrQkfCc08mryyYHRASS5Ig4VFALsnmfyJVq4vGzqS7B-wjpNldQPswX6QEMJ29LnilvM55BNXn2ttwM_PkH1ZQBvY71lnoy7fJ69FOjUw&sai=AMfl-YQiucCvJyMhT7IybDM7Nlsbz88u35G-XiHgeTpk7TghZM_FrooKxyn5n7oaT9jE9r44rn75aLeHDOdC&sig=Cg0ArKJSzGp_J68LMmVMEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=273346281&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652039998794&rpt=950&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 20:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 26ms
25ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fe83055799fb4be7403832bcddac413d7b455e6894afd3e60dc09ce483f2bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 20:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10365
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 20:00:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D787 13 KB
5 KB 7ms
6ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 154713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 01:01:29 GMT
expires: Sun, 07 May 2023 01:01:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D01B 783 B
536 B 28ms
26ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d8b547b1628cb49e33a8878883d6c2b6a20caa61cac0d57c4e8c32ac8718bb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vcHB3/H9mz1dB48ZO+G5EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-vcHB3/H9mz1dB48ZO+G5EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 20:00:02 GMT
expires: Sun, 08 May 2022 20:00:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame D787 35 KB
13 KB 9ms
9ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 15:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:55:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D01B 0
0 43ms
40ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=487689601870731&rc=05AG0FwmAK524JBv-CpI_HWHqxDTg9-SrCynlNjUPGTQkI2Bvv6BsKIVLeCUiTE3_Au0TYeW4pm-y0H7jg5DXwoQZzTjYmvSLbjxz-tVOHNrtDAgehKrHN-NT8S_R0ybPXFCA1toxbghVNvbXGUrrrQEwH4nGIOAdcTzjdrMXvfnzLmsym4eYS6j1OX4tymBoTm-RwzWNCKiSJE04hNPh2VQc146qJWhJ1-lJ3cIKZ-7atZxKh4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D787 0
9 B 7ms
6ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ADBPmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:00:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=487689601870731&bg=!ZWalZiLNAAZX5TVhd-U7ACkAdvg8WqmNsrhuDobvtoOtAQ4KXwzlXcCG4Xy7LXGjpWn29W7byH4G5wIAAACMUgAAAANoAQeZAqh6K_sSQWQ880paWzcFkdKmPgtyzHon0lqogRXoqSDQlZncTf_4nS79sRDSdAdRsQlgOY0H4ZiidVks765BgqWsVYpNvsDh-rlZaYe2YZQruzkKV0yzuFFptiNeqoA-8l9eVddwG75yn13bG4gdaLxFH8B0i-JDawUJUJravsVShN7IiJabzLCEr2yXeQeRqbYUnYG05c6wJ7yD4GX5gQ3W6FYt10rW7IIx6T9nuE1BZRqhtNpS9WMtLwTnQhvuGurOJ8rJUaxrIY78O0IAQriye9f7OQTcIUPsiurvX5RD5aiimX0xVQV8gTj70SNL8DOxPgBntQH2ww0pACRwyyuFIsJSU0rNHKoiqXRm1SoTx5xztnWZrGJFFBKYRw9eiDvEEJ6P1Ud4JjoESYcTZ4nUZFkixJv1V3D9G4Fs1kY2rUdQgBPWTZ4fi9m0ReFTCTvLMm31Y0tua8UofdfLQsSM20yi3_cRY2OcQivngWEeufuVRGBwwFrDIEkR74yK6ac7ZBpMLV2xGwERlkbtcqowcFO2tEjUjgf31d89hajFq2_D-bV2DjBSfQZDFoobLBjJC5vRYtKIh9BqqY9fxkkM0m027EmxHMFRS0dWBYSH5MlJcVfuvjvEeeWi2mVIiOSo5MR7m6Qu9GeRWx9i9ujdngBk7L6dtrtRRmmBj_0Iu734nkOSAnSeX4Hw5i0iaDQNPgyKME00Sjakm3hR1TotTXR7EjLfYE_HXYprMcOVNN_aaMO5YKZ2mD4zU9qTCQ0SpNa1BsWX0_p42SO2sbC_-ar3FOtoZb9VgUpDtna42zbJhG0RogKLM6NoeUXYQBblQ-1IAoT2Uv8YDdxBM2YGnvcWDiFzyudNshaZOtWSgoATTmAASjmHskz0z-j4r-RpCFE1pxC-Ww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 07:13:11	Name: _GRECAPTCHA Value: 09AG0FwmDJCCLqldUaI6TbGsdf2_P7akV_ZtsMZ-RS8SzZcNErjohjvwWwnvI74WEy-J6qFAwrrPOBp2Ja1-tKwQI
.adsrvr.org/	1970-01-20 11:39:36	Name: TDID Value: 43556852-0789-499a-afc5-7cfcb79550c8
.quantserve.com/	1970-01-20 12:24:14	Name: mc Value: 6278213f-07065-66b8a-c20ce
.airblog.org/	1970-01-20 12:15:35	Name: __gads Value: ID=b2a80211aac62695-223d7c8474d200b1:T=1652039998:RT=1652039998:S=ALNI_MYRJFkwwuyj1yvWlFMfbNrTlKyGng
www.airblog.org/	1970-01-20 03:37:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
.airblog.org/	1970-01-20 03:34:19	Name: sharedid Value: fb544df6-7524-4461-874b-338bdb61af5f
.airblog.org/	1970-01-20 12:18:28	Name: __qca Value: P0-21359165-1652039999014
.id5-sync.com/	1970-01-20 02:54:00	Name: callback Value:
.cpx.to/	1970-01-20 11:39:35	Name: cpSess Value: 2c3462c70a55929d
.id5-sync.com/	1970-01-20 05:03:35	Name: id5 Value: 9f71743b-70f8-3718-a6be-7a354fc26e9f#1652039998000#2
.smartadserver.com/	1970-01-20 12:24:14	Name: pid Value: 4965946126887743481
.smartadserver.com/	1970-01-20 12:24:14	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:24:14	Name: csync Value: 111:ID5-ZHMOWJYTx3MO_0p4WAIrtrYMXQF9M0Ysb70kpOSo1Q
.rubiconproject.com/	1970-01-20 11:39:35	Name: khaos Value: L2XPYLWB-17-EDA7
.rubiconproject.com/	1970-01-20 11:39:35	Name: audit Value: 1\|Liz08/llfw9AfUFkmjohdPR6fXKqwZZsZoZrtxYj/abRuZ+dvyOZuPygHUB22bh9YbLbykp6nFtCbuL7wqM7WyFXYYZB6yz1JjD8NIbifDcfXFDZUCiMnyCVMxG57Z2PMUopif0hXfP/Kbanvm9i+JEZG/c+f8ft
.doubleclick.net/	1970-01-20 20:25:11	Name: IDE Value: AHWqTUnQB47v7QwTjrtByD7aNQWtrXKWtLaLpovxni1Aft5bhnuiZ-UAh3X0ykvj1mg
.pubmatic.com/	1970-01-20 05:03:35	Name: KTPCACOOKIE Value: true
.smartadserver.com/	1970-01-20 12:24:14	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.pubmatic.com/	1970-01-20 05:03:35	Name: KADUSERCOOKIE Value: 1FDF7A42-69E0-47D0-8B9C-952AE7E330D8
.cpx.to/	1970-01-20 11:39:35	Name: dsp_TTD Value: 43556852-0789-499a-afc5-7cfcb79550c8#1652039999680
.airblog.org/	1970-01-20 12:15:35	Name: cto_bundle Value: QmFyxV9LNFYlMkZZejcwJTJGb3NRT2paZDg0ayUyRjBma1M2V0tnJTJGeThEVnNZUThJZ3ZVR2MlMkY2enRNMVljVFROcmJUMU1nUTQ3cDh3RWVWR1phbE5MRkE2cjF4dndaeTBQTEklMkZLekR3NFRWNHR0Z3lrTWEzbCUyRmolMkJWcVB2NyUyQm1jakZRS1hNZWFZQg
.airblog.org/	1970-01-20 12:15:35	Name: cto_bidid Value: vFFCNF9MNG0xMUZ1VmcxQmtJanhDd3FXMWFsVGpkYnlxJTJGZEVKZkh2UCUyQmJBTWQyQ3c2cyUyQjFGeFdNVkRpbnRYcHo1aEVJQndFdm93NG5kM0dhdiUyQll6ZEpYZlBBJTNEJTNE
.adnxs.com/	1970-01-20 05:03:35	Name: uuid2 Value: 5270379221808621048
.cpx.to/	1970-01-20 11:39:35	Name: dsp_dbm Value: CAESEN82OCSL4AmGfBZCkeewoZs#1652039999767
.cpx.to/	1970-01-20 11:39:35	Name: dsp_app_nexus Value: 1953263790839771806#1652039999854
.cpx.to/	1970-01-20 11:39:35	Name: dsp_pubmatic Value: 1FDF7A42-69E0-47D0-8B9C-952AE7E330D8#1652039999871
.doubleclick.net/	1970-01-20 02:54:03	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 12:19:55	Name: uuid Value: 71746278-2140-4800-a54c-50d9d4f5f55a
.id5-sync.com/	1970-01-20 02:54:00	Name: cf Value: gif
.id5-sync.com/	1970-01-20 02:54:00	Name: gdpr Value: 0\|
.adsrvr.org/	1970-01-20 11:39:36	Name: TDCPM Value: CAEYASABKAIyCwj66aKLgs7YOhAFOAFaBzhoOXUxMWhgAg..
.id5-sync.com/	1970-01-20 05:03:36	Name: 3pi Value: 2#1652040000253#1394372845#5270379221808621048\|3#1652040000536#-1075666908#71746278-2140-4800-a54c-50d9d4f5f55a\|102#1652039999705#1884520016\|264#1652040000636#1509922966#43556852-0789-499a-afc5-7cfcb79550c8
.id5-sync.com/	1970-01-20 02:54:00	Name: cip Value: 102
.id5-sync.com/	1970-01-20 02:54:00	Name: cnac Value: 3
.id5-sync.com/	1970-01-20 02:54:00	Name: car Value: 6
.bidr.io/	1970-01-20 12:22:33	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 12:22:33	Name: bito Value: AAB0rU7E8EMAADwx0bu-zw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pool.grid-data.bidswitch.net/sync?pid=42 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
airblog.org
airblog.org.admin-eu2.cas.ms
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
c.tmyzer.com
c1.adform.net
ced.sascdn.com
cm.g.doubleclick.net
csync-global.smartadserver.com
csync-us.smartadserver.com
d2zur9cc2gf1tx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
js-sec.indexww.com
kvt.sddan.com
match.adsrvr.org
match.prod.bidr.io
mcasproxy.azureedge.net
mug.criteo.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pool.grid-data.bidswitch.net
ps.eyeota.net
rtb-csync.smartadserver.com
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
sync.mathtag.com
sync.smartadserver.com
tag.leadplace.fr
token.rubiconproject.com
tpc.googlesyndication.com
www.airblog.org
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.225.231.117
141.95.98.69
142.250.64.66
142.251.40.98
145.239.193.51
15.197.193.217
151.139.128.11
185.167.164.39
199.187.193.192
199.187.193.204
216.200.232.253
23.204.152.208
23.52.162.21
2600:141b:13::17d7:8270
2600:141b:13::b833:92b2
2600:141b:13::b833:92b3
2600:9000:21ec:d600:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2607:f8b0:4006:809::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:824::2003
2620:100:a001::c
2620:116:800b:21:559e:e8a8:8a19:7f11
3.233.22.19
34.120.155.137
35.211.144.1
35.211.178.172
51.15.145.115
51.222.239.232
52.211.48.15
52.22.205.192
52.224.188.157
54.228.181.56
54.38.64.100
68.67.160.132
68.67.160.134
69.173.151.100
74.119.119.139
78.46.71.241
8.28.7.83
99.80.87.97
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0897bd600f16f8867b46fdb9058e820bfa6cc1bdf01a1975219b553c7a7fc2d4
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cca84cc7aec73c47305daaa71a0529ac7771484c0e5cf2199f0e7f66a4bab1c
1dcb7b0b76d8b08d2c572f9df3b28aefb7b29a35f04812dcdcb91a0ef87a0f6b
25a9b61a13f84c11ed5ae966543a5850d29fa31725b68733c140801bcbe637bc
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8
319f22513aa812f96bf8b5dbb6c9e493dd01c197b7818a549b91c8140d88888b
335bc17ea5f91c4585ff408bcd0cd779ffb2668a1d8207394bde38e8537ed0fc
3715d898091d218facfde51025bc504a59b4cc8a6a388061ae0af810fc2678dc
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4db5040b38ec7a9aa5e7f7200e540a5b2e3c6f7ff8f027bb45acb98de8b41205
4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075
514d168fcfac4a69ed0fbe1508eec4a7a66a465456149ed2c294f59035e908b8
53a876a4f4b7d9b7437e5c21bc37146d0980d4d21444365038f3df443154e950
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551ba1ecbe0bbb90ff6dc576dc32dec584bea60f694faa0b39fe66166e7d3818
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5773246ab9ff5dfb7d8eddde1cba8b596badf0c4414f1b37ce24db69d106c77a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cf783805a09c64f3734d0c010755b2e0cd4418a8d2b95057fcc8121dbf9c1c6
5e1959636a4c2e11cd8b36ffbbca8e00131fd2e1cc371a6a4e0d65f6f47a6050
5fe83055799fb4be7403832bcddac413d7b455e6894afd3e60dc09ce483f2bb6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c924400dc0bafd7bc6e33c58502800262426bc2696b6995dff4189261ec17de
6d8b547b1628cb49e33a8878883d6c2b6a20caa61cac0d57c4e8c32ac8718bb0
6f2d216249fa0403988a11f971042cda8aca1e057434422d93bfa2593ef092ef
6f6bf86cde6fd25e526539a5c70d1f7af4eac679d28aebbcc8f1eda26c8bbdf6
6fe859cc9b0b4c24daf635f4203f7e6c92230369ad24686616f64b8a3dffa26f
7113196619fd9ddf95ab6975a259b6eb5ed973adebf5eb1d4185d18233889b20
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
7469d07f6d0b2cf992c0f5ca15b10db23b3a01d35d12e6c00858873d3a8bb06e
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7cc134912df21850088036f583fbfeefb6baa7a2a5bdbf253b8d024ae6a56e4e
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
811d0f2b87626ccb1075cd2b71c63dfc4edc5242ac9e7fa0225d3aeca7b4493a
872b0b6c9a823b2e0d425b8b4136335864d7386c6bcd308a940d78de134ee79f
8a707075d39f97393cbe0ade945ed7a37d0a678f708532257475f0f31bc4cb4c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af68f83b12515bf2b6eb71eb160a35765cba6c72bafb2566061b34fbcedb459
8bffce065a4c8dd969a8d6d45c711ab188f16bbe240d47667a018bafcfb89c9e
8c74567dc7b8ad6305d04a844576b6d80b53fae701e2f3072b1dee98ecb26794
8c95fbf9e1dab750326a1d2e0dbdff3d091b0695fcefea56f0ff403496c940a2
8d047bda78f411b89fae57e2cf3a9ae2167985eb4b6534eb26f470397abae8e0
8d47cc1b7cf6a7d253890cd1c86c372ca1cb31d9bcc156193c1fca42e821b987
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8de58826e0ea4c15255efaf99058147349aaa938684ed7d9bcc77788ee5daa94
8dfa47d90b2c2d2e54b25c23ec95c125a116bb550b8c438bcbd3a4439258519f
976ce9d9acb9658e97840767d7ba2988a7e405c6b65d09331859c820791c1c4c
98e8d18ad3a3ccd09313b477fe69971f58850834e52fba04bf733d7e4113cc11
9a00fd4974dcbb8c4d9c62d6d91b2f0a2ba3a18caad457cf87c2e6d7eb182759
9a297de328634be2246c3dbef0c619d1cf8d4858e592baedbd712041898df72b
9a5213cf9e6ba5680022244266ded05532e568d7cf682740b169ee681344025b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b12ed38dbb008349e5e39981d20acf4a4062ac5ad38bac3ea35ca3f80da430
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23682dd7421e99919fc31901326d5e9d9d0cd722ae8e55afed0549a93a97e05
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a44b09b31f7cc1c0147713de87cf244bdba839c40f86c09d4f8d8a282af9e5d8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d1385d6f6271da616fece4e37d5d6f52eae89c408361bf0c2a31a3b66c4ce7
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
af3ce861484039c35a1811f0b24c2073a3885273954c8bbc16c53815cc2c8f96
b08040ee5c03d71056c89581fc082a190ec26bf05074a77876d37623a1cddc8b
b187e1e9324f0295eb618a1639815f27538926a181f86c3a4a1e9e76f7282157
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
b3a66a92ba645a81f3be52f412f621bf7b0cec656dad0ca354840953eb8a2bdb
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5c62131a0575cca97da8d53cecf82538ec888c994bed1134bf929a674dacd87
b7c2f6897797b91368989fdf497f734262181ada58b8003b3e9295e2348c9337
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc743d17c186c38b92abb843291a40dd420c60371b1c1c7d81686d076b6e1ae2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c27b13f6315c38fbf7e9699aeb846ebccb5c728b6a4525b7791909adf84e2f5a
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c8c9b01c729ee2da404f2d4f1cc65c5397ee4efc4d6d67c7441cc31fb09e303d
c92a2861eb9a10cb66fc22873e9172f6e4c23b77a1274c1e9134443471e7bed0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d153888853d763598eab808a0b1de15c8a710a958191cead9288b2e76c8fc3f7
d33e951249803732cb79d933712d9ed7371cdeb030a1bc4f598463c768078a22
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
db0037fc89f3ffe6f3742f500760ec2bc6b965f4039ad9b8a524bfd4418c7e2b
dded581e868c0f7b376ace7d2cc07429828c99fd5cdfeade0f6bfa62e150c56d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df0af21979edaeac51f768c69a72eb3804fc6425346f171b6839c326a8cdaef4
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea4e05b419e4603038c3140f01d23296d4981e4f4a0107a7d9d2bf781acef11c
ea8eea7186bf999d279a5762343dd29cc732d25e328c8de2dbec404e649b0184
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0989c5e16cbf933b4473698a865f0023589d2a2021fb516d81bfa3d9bc2988a
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f641acb5aef9ad3c1795e08ab4b07b11abab1bf27a46fc0ee0a09bdc5400f55e
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7a2f6732915bf51f4c1c55e0db025e3d106a69d40aa6fb9c28219418f81c922
faada41ff5a88fab6135e6e3d240568024128c6b004482a00e92d0fc9bccd4da
fac68c43f45aca8ce195c6020b56a46159885ded1c00261ad0987d5c1add732a
fc5166447e6081f9e7260b18e7b982af56cfb0c252e2f25575d3d49181a8f3d1
fd727658a2be403db031e21bc2c5b419eaeca892c5fbff190a91de6e923d348e
fddbd81c9f8ae7dbaaf16aec67e5db4e4707aa06ca062737eedc13c5e115f112
ffb3ed31aaae24721ed5d7465048974bc90b32e40eefd57debbbe1841e3e580d

www.airblog.org Open in urlscan Pro 78.46.71.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

94 %HTTPS

37 %IPv6

38 Domains

52 Subdomains

39 IPs

5 Countries

3293 kBTransfer

5865 kBSize

37 Cookies

3 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.airblog.org Open in urlscan Pro
78.46.71.241 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

94 %
HTTPS

37 %
IPv6

38
Domains

52
Subdomains

39
IPs

5
Countries

3293 kB
Transfer

5865 kB
Size

37
Cookies

164 HTTP transactions
4 data transactions