userealbutter.com Open in urlscan Pro
64.64.24.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.userealbutter.com/
Effective URL:
http://userealbutter.com/
Submission: On December 16 via api (December 16th 2022, 6:52:59 pm UTC) from SE — Scanned from SE

Summary HTTP 164 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 27 domains to perform 164 HTTP transactions. The main IP is 64.64.24.127, located in San Jose, United States and belongs to LEASEWEB-USA-SFO, US. The main domain is userealbutter.com.

This is the only time userealbutter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	64.64.24.127 64.64.24.127	7203 (LEASEWEB-...) (LEASEWEB-USA-SFO)
3 5	172.217.16.132 172.217.16.132	15169 (GOOGLE) (GOOGLE)
5	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
14	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1 8	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	104.84.56.209 104.84.56.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
3	157.240.206.63 157.240.206.63	32934 (FACEBOOK) (FACEBOOK)
1 3	23.44.77.178 23.44.77.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 15	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
16	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
27	142.250.180.225 142.250.180.225	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	3.75.169.179 3.75.169.179	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	52.50.178.15 52.50.178.15	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	13.32.27.108 13.32.27.108	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	3.126.18.125 3.126.18.125	16509 (AMAZON-02) (AMAZON-02)
164	24

53 64.64.24.127 (San Jose, United States) 1 redirects

ASN7203 (LEASEWEB-USA-SFO, US)
PTR: vps.jenyuphotography.com

www.userealbutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
userealbutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jenyu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.132 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap2ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-209.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.206.63 (Santa Clara, United States)

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-01-fml2.fbcdn.net

scontent-fml2-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.44.77.178 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-77-178.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.180.225 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.169.179 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-169-179.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-login.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.178.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-178-15.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.18.125 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-18-125.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	615 KB
29	jenyu.net jenyu.net	9 MB
28	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	124 KB
24	userealbutter.com 1 redirects www.userealbutter.com userealbutter.com	4 MB
12	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 581 pxdrop.lijit.com — Cisco Umbrella Rank: 2652 gslbeacon.lijit.com — Cisco Umbrella Rank: 12723 vap2ams1.lijit.com — Cisco Umbrella Rank: 65183	28 KB
8	gstatic.com www.gstatic.com p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com	54 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	187 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408 ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	1 KB
3	google.se adservice.google.se — Cisco Umbrella Rank: 64527	1 KB
3	cdninstagram.com scontent-fml2-1.cdninstagram.com — Cisco Umbrella Rank: 87367	1 MB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2616 log.pinterest.com — Cisco Umbrella Rank: 3632	19 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 414	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 710 r.turn.com — Cisco Umbrella Rank: 3099	869 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 655	442 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2338	104 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12945	554 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 578	191 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 759	717 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	863 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	698 B
164	27

	Domain	Requested by
29	jenyu.net	userealbutter.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com userealbutter.com pagead2.googlesyndication.com
23	userealbutter.com	userealbutter.com
14	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	userealbutter.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	ap.lijit.com	1 redirects userealbutter.com ap.lijit.com
5	www.gstatic.com	userealbutter.com googleads.g.doubleclick.net
5	www.google.com	3 redirects userealbutter.com tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.se	pagead2.googlesyndication.com
3	pxdrop.lijit.com	1 redirects ap.lijit.com userealbutter.com
3	scontent-fml2-1.cdninstagram.com	userealbutter.com
2	x.bidswitch.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	userealbutter.com www.google-analytics.com
2	assets.pinterest.com	userealbutter.com assets.pinterest.com
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	log.pinterest.com	userealbutter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vap2ams1.lijit.com	userealbutter.com
1	gslbeacon.lijit.com	ap.lijit.com
1	www.userealbutter.com	1 redirects
164	39

This site contains links to these domains. Also see Links.

Domain
iamafoodblog.com
www.instagram.com
wordpress.org

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2022-09-25` - `2022-12-24`	3 months	crt.sh
cert1.a2.atm.aqfer.net R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://userealbutter.com/
Frame ID: 23392E4EE82A9C4FB7C1021B0D222286
Requests: 77 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: 30CAE3821BA107299EB58536C7BCB6EB
Requests: 8 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_112622_2b60b5dd7403433380c242c740bfee85&rand=6391&informer=4174529&type=fpads&loc=http%3A%2F%2Fuserealbutter.com%2F&v=1.2
Frame ID: 4D98EE2FA772D8B5838F2D254C60081A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=5995444990&adk=3894105007&adf=2967099449&pi=t.ma~as.5995444990&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770876&bpp=29&bdt=930&idt=438&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=4208776245271&frm=20&pv=2&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=H5XpeGOOy1&p=http%3A//userealbutter.com&dtd=459
Frame ID: D5055D0AEFA7A0B38C3BD407006AA609
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=6442770196&adk=471578359&adf=3449149223&pi=t.ma~as.6442770196&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770906&bpp=2&bdt=960&idt=436&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5995444990&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bUAH5rm65T&p=http%3A//userealbutter.com&dtd=440
Frame ID: F2639541915FC56DD177033A990926D5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html
Frame ID: D24249AC4F97F19D220335EA8F5DA807
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCE30A1A93EC610DAF6B0F488CA77D3B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E2AD3DB656618068ADA8E78C65C98EDD
Requests: 2 HTTP requests in this frame

Frame: https://p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: F06C7A09E201B3183867809CA1888A15
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: B89AEBBF035186BA4231024C4553F901
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 7DE3C6D576B66FB5728FBC948A031DF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&adk=1812271804&adf=3025194257&lmt=1671216773&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C236x1080_r&format=0x0&url=http%3A%2F%2Fuserealbutter.com%2F&ea=0&pra=7&wgl=1&dt=1671216773553&bpp=3&bdt=3607&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a8a125abf1957eb-2292521115da0030%3AT%3D1671216771%3ART%3D1671216771%3AS%3DALNI_MZgK1StNPnjcEK9snb029oa1yWo_w&gpic=UID%3D00000b9386a49148%3AT%3D1671216771%3ART%3D1671216771%3AS%3DALNI_MZchsNV1dEHnflNKYu8pVaArtugNg&prev_slotnames=5995444990%2C6442770196&nras=1&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&psts=ACgb8tuj15JZoTMzNDrheoP0fNLomRySh-9NnG4ukG-SlirDtdpIzaHPIpNMRWIsqDVFKp2LpHpz0j1yPfuwbbU%2CACgb8tst6d0CHY71niiKbKJfOSAlSOrmJkoVbWSDyP2V9-c0N2TVCaC7E8tkOIMHr9Fk-N36rCT13M-8mErfMOYsgQ&pvsid=3191363317482379&tmod=1291015597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=30
Frame ID: 0F051E76F69535E11FB757FD82B9BB7D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A832E93DC27903BB08F969E55449DEC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95E28A9A6D1FB184E3DE108CC266E2EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: BD8668567C889B1012F4B27AE57E5836
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2A746052E9316582EE763351AA21A89E
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ABBB086FE33E1F2F1B778D3349F51288
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1EF4A35A95965E429A160B2274ED8B30
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: E3ED4757F413702CE210C701A2C5C0F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

use real butter

Page URL History Show full URLs

http://www.userealbutter.com/ HTTP 301
http://userealbutter.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

164
Requests

57 %
HTTPS

0 %
IPv6

27
Domains

39
Subdomains

24
IPs

7
Countries

14754 kB
Transfer

16450 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://iamafoodblog.com/baked-oats/
Title: i am a food blog’s baked oats

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jenyuphoto/
Title: jenyuphoto on instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CmDZfBpOv5n/
Title: Holiday baking is DONE! 🍪🎄This year I made 4

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cl2N9q3McUS/
Title: This baby nugget wants you to know that today is C

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ClxGndeMXEj/
Title: What I'm eating (and cooking), plus an update on m

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: wordpress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.userealbutter.com/ HTTP 301
http://userealbutter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 48

http://ap.lijit.com/www/delivery/fpi.js HTTP 301
https://ap.lijit.com/www/delivery/fpi.js

Request Chain 49

http://assets.pinterest.com/js/pinit.js HTTP 307
https://assets.pinterest.com/js/pinit.js

Request Chain 54

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 70

http://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu HTTP 301
https://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1&google_push=AavPq0Oc875D8VoUGZ7WVFoQLl-mdi7Si5FrKWPZV9oGSVNt9oFiO75gd7Vh4mhF6fBYnGcCGhme9c-kzmWdXgoI6znM_LLrIQyOR1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUxMTYyNDQ1MzUxMjc1NDA4MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1

Request Chain 142

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjhamFmqDyy2m-0Tl3DNMekQ6W_KOfBdszwWrF2RYgT4Uiwk-apN9PcvMhug HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjhamFmqDyy2m-0Tl3DNMekQ6W_KOfBdszwWrF2RYgT4Uiwk-apN9PcvMhug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U1g5akl5cXMxUDZmUGg1&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjhamFmqDyy2m-0Tl3DNMekQ6W_KOfBdszwWrF2RYgT4Uiwk-apN9PcvMhug

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFflIuRaCz-p4qJE88WQg-Q&google_cver=1&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0MaUbme4qg1mRP5bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0MaUbme4qg1mRP5bw

Request Chain 144

https://um.simpli.fi/gp_match?google_gid=CAESEFxbJvtQRU4LpQYrpeWn9-0&google_cver=1&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG3AMEE-nv4OaA8l9k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3AE4549DDB549CFBAC5EE699E0991DF&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG3AMEE-nv4OaA8l9k

Request Chain 146

https://ads.travelaudience.com/google_pixel?google_gid=CAESELcWVpvl05TNUrVwGJksA18&google_cver=1&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GAVKUNn8wGIbD13w8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o30DsPPfRu-EID7IrAamjQ2&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GAVKUNn8wGIbD13w8

Request Chain 147

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI3xvvbgx0oVb0-ujeUibh0&google_cver=1&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeRp4_wv1iFdyNq0Nr8fHOcBis HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI3xvvbgx0oVb0-ujeUibh0&google_cver=1&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeRp4_wv1iFdyNq0Nr8fHOcBis HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIwNTQzOTkzNDA3NzAxOTg4Ng&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeRp4_wv1iFdyNq0Nr8fHOcBis

Request Chain 154

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKubHN1FH8Phw7-FQb7wWs0&google_cver=1&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3c5mUtGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3c5mUtGw&google_hm=eS1yUnY4eU8xRTJwRnJnbjh4aGczSi42bVg3VHRfbkhfM35B

Request Chain 155

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_cver=1&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-9q99rcsh96i2hUgXpY4B2KitIPHj-vGqjVX59k2_hvPCk4tYQZf6SJqIFoLS4fB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-9q99rcsh96i2hUgXpY4B2KitIPHj-vGqjVX59k2_hvPCk4tYQZf6SJqIFoLS4fB&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_hm=Y5y-h9qGqamIZOqFymlsvwAAApgAAAIB&google_nid=index&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-9q99rcsh96i2hUgXpY4B2KitIPHj-vGqjVX59k2_hvPCk4tYQZf6SJqIFoLS4fB

Request Chain 156

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEId4tRGkUhWhpO_WPibBrXI&google_cver=1&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY6oQOJMgLOtiyRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY6oQOJMgLOtiyRg

Request Chain 157

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB_k0X6_XN5jUnN8b3WmoLI&google_cver=1&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR7ruu32KsOBowynurNHFWTfdda_ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB_k0X6_XN5jUnN8b3WmoLI&google_cver=1&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR7ruu32KsOBowynurNHFWTfdda_&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWXozTWlsRTJ1RTJyUmhiMTVFTzRxakcyU1JjcUFsc35B&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR7ruu32KsOBowynurNHFWTfdda_

Request Chain 158

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_P3QUplC8ND_KgwBEIAEZF291BmW2zsg1TrXYImVIgTlZC_5CLlLd5tXWH7ty0HJ3lG-gSCc1L61-sWzCxme5Y8 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEOXyav2oZ51577oVBq7Qdyw%26google_cver%3D1%26google_push%3DAavPq0MWr2doupQM_P3QUplC8ND_KgwBEIAEZF291BmW2zsg1TrXYImVIgTlZC_5CLlLd5tXWH7ty0HJ3lG-gSCc1L61-sWzCxme5Y8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzg0ODAxOTc2NzA2NDY3MTIxNg%3D%3D&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_P3QUplC8ND_KgwBEIAEZF291BmW2zsg1TrXYImVIgTlZC_5CLlLd5tXWH7ty0HJ3lG-gSCc1L61-sWzCxme5Y8

Request Chain 159

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMUjYWoqJv86aoD_uvlGuyM&google_cver=1&google_push=AavPq0O2HMY871ya7vKf_o53w8-gE5y9FMFcufLakaIpgJ9mQ5BVQ9PBB3eXO6OKfUmTzBbQj8YkK5LHQamBXRokoQQWmhKb5erSano HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMUjYWoqJv86aoD_uvlGuyM&google_cver=1&google_push=AavPq0O2HMY871ya7vKf_o53w8-gE5y9FMFcufLakaIpgJ9mQ5BVQ9PBB3eXO6OKfUmTzBbQj8YkK5LHQamBXRokoQQWmhKb5erSano HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=98f091cf-df9d-4fc7-a50d-85301c4d62d2&%%GOOGLE_PUSH_PAIR%%

164 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
userealbutter.com/
Redirect Chain

http://www.userealbutter.com/
http://userealbutter.com/

57 KB
57 KB

921ms
707ms

Document
text/html

64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 48bf829f067190e551daab4ab399e82d5a207df20bc22de93b75790691c3a8bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 18:52:49 GMT
Keep-Alive: timeout=1, max=100
Link: <http://userealbutter.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 18:52:48 GMT
Keep-Alive: timeout=1, max=100
Location: http://userealbutter.com/
Server: Apache

GET
H/1.1 200
OK style.css
userealbutter.com/wp-content/themes/jenfood/ 10 KB
10 KB 391ms
197ms Stylesheet
text/css 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-content/themes/jenfood/style.css
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: bb433298ddb6fb0fa504c09e0294382deed3609255081e306870fdfe54d710d9

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 11 Feb 2013 04:55:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 9994

GET
H/1.1 200
OK sfm_style.css
userealbutter.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 18 KB
19 KB 392ms
198ms Stylesheet
text/css 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_style.css?ver=58b13f4a297e8c0f09aa40969288f75f
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: b3e3e2fb9cf9e22ee2630d0e55e617a722e7dd668ce6edb98756875b44d605ed

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Fri, 01 Oct 2021 00:23:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 18703

GET
H/1.1 200
OK sfm_widgetStyle.css
userealbutter.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 995 B
1 KB 394ms
199ms Stylesheet
text/css 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_widgetStyle.css?ver=58b13f4a297e8c0f09aa40969288f75f
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 2cb5b99876ce7bb6fe1a5643c550e576eb1dfe22a5ef98df102f57a2df5c979e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Fri, 01 Oct 2021 00:23:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 995

GET
H/1.1 200
OK sbi-styles.min.css
userealbutter.com/wp-content/plugins/instagram-feed/css/ 16 KB
17 KB 393ms
199ms Stylesheet
text/css 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Wed, 23 Mar 2022 00:49:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 16823

GET
H/1.1 200
OK sep.jpg
userealbutter.com/images/ 30 KB
30 KB 205ms
199ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/images/sep.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: bb7364a4894086bd8e98faeac4d19a9ce559bae94b5242a69f1724f6e6b43bb6

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Thu, 30 Dec 2010 01:49:02 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 30351

GET
H/1.1 200
OK baked-oats12.jpg
jenyu.net/rthumbs/ 25 KB
25 KB 418ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/rthumbs/baked-oats12.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 92d40e02cb1a584e1e8db7158b68f5cf7ccdce32096440a88683908d0b19dd43

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 21:21:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 25279

GET
H/1.1 200
OK green-chile-chicken-enchiladas19.jpg
jenyu.net/rthumbs/ 25 KB
25 KB 420ms
198ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/rthumbs/green-chile-chicken-enchiladas19.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: c1ee345f7906ccf66934f3db4b44fb09139f44f8e31c4a83f874b06fe42ff549

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Thu, 19 May 2022 04:57:52 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 25348

GET
H/1.1 200
OK chow-mein10.jpg
jenyu.net/rthumbs/ 27 KB
27 KB 403ms
194ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/rthumbs/chow-mein10.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 161e4da315200f54f94f7c276e0517a397d069c5aef87744898a530ae13c7c96

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Thu, 17 Mar 2022 03:17:49 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 27818

GET
H/1.1 200
OK bakery-butter-cookies14.jpg
jenyu.net/rthumbs/ 27 KB
27 KB 403ms
195ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/rthumbs/bakery-butter-cookies14.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: f9bf96c18ed2c575c0b601b8a44b4255931656b1781cff8f992f3a283c59649e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 24 Jan 2022 21:40:30 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 27673

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

209ms
62ms

Script
text/javascript

142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 17 Dec 2022 05:57:31 GMT

Redirect headers

Date: Fri, 16 Dec 2022 18:24:17 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1713
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Fri, 16 Dec 2022 18:54:17 GMT

GET
H/1.1 200
OK snow_5-22a.jpg
jenyu.net/blog_pics/ 241 KB
241 KB 405ms
195ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/snow_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 0052eb2cab97a7543729095c6f50c2021b871c9e108c3cd2e41f876d5aa9eb68

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:42 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 246283

GET
H/1.1 200
OK crimsoncolumbines_5-22a.jpg
jenyu.net/blog_pics/ 502 KB
502 KB 408ms
198ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/crimsoncolumbines_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: a72825f91dd3f11c154ebe42e0d9b6f2a8df7ec87c2ba60ccddfd9e889762639

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:42 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 513890

GET
H/1.1 200
OK babygus_6-22a.jpg
jenyu.net/blog_pics/ 373 KB
373 KB 439ms
195ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/babygus_6-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 1eee05fddbbd87d0140e01af2ee16e7676ee9742fe8f9c970ea87a940d012714

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:39 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 381612

GET
H/1.1 200
OK morel_5-22a.jpg
jenyu.net/blog_pics/ 350 KB
350 KB 446ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/morel_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 2dbd85c0773b1c842600ba76b5ac903d6cf169cfcf8756a576479a1d3aabb92d

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:41 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 358068

GET
H/1.1 200
OK friedmorels_6-22a.jpg
jenyu.net/blog_pics/ 353 KB
353 KB 1029ms
200ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/friedmorels_6-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 404b0bc6f9586e03476df9d7ac6dec0727ffc8f4da21677073d9a2237f96fe03

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:43 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 361164

GET
H/1.1 200
OK huckbakedoatmeal_5-22a.jpg
jenyu.net/blog_pics/ 361 KB
361 KB 445ms
198ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/huckbakedoatmeal_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 60397acc32f9354a9a34c9eb3ef6d360a42ea6a8e6b91680ba549466644fc4da

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Mon, 06 Jun 2022 20:52:43 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 369298

GET
H/1.1 200
OK baked-oats1.jpg
userealbutter.com/recipe_photos/ 270 KB
270 KB 199ms
198ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/baked-oats1.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 78da242864284f439e9dcfceb499748adc062ba48f4bed77e67837ebd2062a00

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 21:22:40 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 276023

GET
H/1.1 200
OK baked-oats2.jpg
userealbutter.com/recipe_photos/ 195 KB
195 KB 199ms
199ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/baked-oats2.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: e4b3cc7e10449713dc9597031020383aa87d30d5c3d70190e9d0e9aac2075d94

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 21:22:41 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 199632

GET
H/1.1 200
OK baked-oats3.jpg
userealbutter.com/recipe_photos/ 249 KB
249 KB 199ms
199ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/baked-oats3.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 8c3a13398d5cd8a092b9dd14f85dd3d9243bc21258e1270870d092b4b1669958

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Mon, 06 Jun 2022 21:22:41 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 255031

GET
H/1.1 200
OK kris_5-22.jpg
jenyu.net/blog_pics/ 334 KB
335 KB 197ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/kris_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 3e9fcd985f209a211646a4e9c68018153a5b69a6d4f687f22c55c900781edc8e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 342466

GET
H/1.1 200
OK jen_5-21a.jpg
jenyu.net/blog_pics/ 248 KB
248 KB 196ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jen_5-21a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 78bcf6b9c637f6ddaa1e751eebda8347f3f6228e6b43db17da0c2835df5c5b3e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 18:15:59 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 253714

GET
H/1.1 200
OK jen_5-22a.jpg
jenyu.net/blog_pics/ 371 KB
371 KB 197ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jen_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: ffb712b40663d3c58f2ac3e2b2bfaaf1ce850b67bcbc58f175867d9856e74567

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 18:15:59 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 380046

GET
H/1.1 200
OK jenmomdad_5-22a.jpg
jenyu.net/blog_pics/ 345 KB
345 KB 203ms
203ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jenmomdad_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 50629437c091d1cd037c2c594dc16e1a76ff58420c9b2c4661d44e920a2710b1

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 353003

GET
H/1.1 200
OK jermomdad_5-22a.jpg
jenyu.net/blog_pics/ 373 KB
373 KB 793ms
792ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jermomdad_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 42af13475a2767db6e825f9acb6ed615906e283e173ece8218c6cb9b5b51c766

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 381730

GET
H/1.1 200
OK yosemite_5-22a.jpg
jenyu.net/blog_pics/ 334 KB
334 KB 841ms
841ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/yosemite_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 78ef47b85d5ef153d71ae2e8b06258576f75fb458363e583ec527f318bd15fa0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 341697

GET
H/1.1 200
OK momdadyosemite_5-22.jpg
jenyu.net/blog_pics/ 358 KB
358 KB 197ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/momdadyosemite_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: ef0ad4893846aaf8e500efc6ddf3b5d80b59858aafecbbc86d423930debab4a3

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 366560

GET
H/1.1 200
OK momdadphelps_5-22.jpg
jenyu.net/blog_pics/ 365 KB
365 KB 716ms
716ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/momdadphelps_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 80a6a2146981baddc9e92b78ea1dfae31666d7fd6a37e51c12af7e5c15d21312

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 373782

GET
H/1.1 200
OK jen_phelps_5-22.jpg
jenyu.net/blog_pics/ 406 KB
406 KB 197ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jen_phelps_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 6679bcadf5f4182ac60ed40f42bda02d1a33d1ea03b2291928c484db68de72fb

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=96
Content-Length: 415409

GET
H/1.1 200
OK jj_opusone_5-22.jpg
jenyu.net/blog_pics/ 277 KB
277 KB 196ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jj_opusone_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 19bfee771cc9421a451095fba82d1b4ea4eb4f29d0f2bd83fdc97b302fee3b1f

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:12 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 283424

GET
H/1.1 200
OK sthelena_5-22.jpg
jenyu.net/blog_pics/ 439 KB
440 KB 197ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/sthelena_5-22.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: b07f68568484a32ffb33fd3074b04d05ee4746ba186223b63d1731dc7abff7b0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:12 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=95
Content-Length: 450001

GET
H/1.1 200
OK nevayuki_5-22a.jpg
jenyu.net/blog_pics/ 351 KB
351 KB 196ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/nevayuki_5-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: c0cdab182f89b29ca910b4b900e5a7d17befc0752901c139577379b3098a35f5

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:52 GMT
Last-Modified: Thu, 19 May 2022 04:59:12 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 359163

GET
H/1.1 200
OK green-chile-chicken-enchiladas1.jpg
userealbutter.com/recipe_photos/ 346 KB
346 KB 198ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/green-chile-chicken-enchiladas1.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 8ecb516b483a3838062c18be4c22b0aa56d0a1131a7fed8142dfc0fd8513dc5a

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Sat, 21 May 2022 04:10:56 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 354248

GET
H/1.1 200
OK green-chile-chicken-enchiladas2.jpg
userealbutter.com/recipe_photos/ 257 KB
257 KB 199ms
199ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/green-chile-chicken-enchiladas2.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 08dadde7d6c5c874026bcd9a63aad67a85e56715335c2a402f8842885b401e7f

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Sat, 21 May 2022 04:11:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 262721

GET
H/1.1 200
OK green-chile-chicken-enchiladas3.jpg
userealbutter.com/recipe_photos/ 380 KB
380 KB 196ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/green-chile-chicken-enchiladas3.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 1d54c06b58348e2c749761b0f365228c4a453e284fd2156ff7b1f04cdeeac794

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Sat, 21 May 2022 04:11:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 388817

GET
H/1.1 200
OK green-chile-chicken-enchiladas4.jpg
userealbutter.com/recipe_photos/ 342 KB
342 KB 200ms
199ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/green-chile-chicken-enchiladas4.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 59697195a011e5cba92ee4a88baf807b1ea52a716f6363b45420a2994ad0ee79

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Sat, 21 May 2022 04:11:01 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 350386

GET
H/1.1 200
OK cny22_1.jpg
jenyu.net/blog_pics/ 398 KB
398 KB 201ms
200ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/cny22_1.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 039a8faae1b0fe8bdfb0023edc2ad4684399fd90b8039f00ea4e750ecf0d87f5

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 407255

GET
H/1.1 200
OK cny22_2.jpg
jenyu.net/blog_pics/ 338 KB
338 KB 204ms
204ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/cny22_2.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: ca48d4373191bd78f68f194f8abcced09c1a42c6b80d27b8f4237856bc7b834f

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:15 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=94
Content-Length: 345698

GET
H/1.1 200
OK jernevayuki_2-22a.jpg
jenyu.net/blog_pics/ 265 KB
265 KB 198ms
198ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jernevayuki_2-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: b0180518677a5d53946b6e67b63990720fcc8d2db8501e13dfb0180a2866b0a7

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=96
Content-Length: 271555

GET
H/1.1 200
OK nevayukicouch_2-22a.jpg
jenyu.net/blog_pics/ 335 KB
335 KB 201ms
200ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/nevayukicouch_2-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: e3e8664093d1c3bac70ca6fbdca4c043a14d05df31fe16f20ef04e5f8c5c9730

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=96
Content-Length: 342897

GET
H/1.1 200
OK jertele_2-22a.jpg
jenyu.net/blog_pics/ 252 KB
253 KB 202ms
202ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jertele_2-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: e28a4a4e74485236314af61d81d75ce87bc78039d7e0b1340c172a7e776846eb

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 258471

GET
H/1.1 200
OK nevayuki_3-22a.jpg
jenyu.net/blog_pics/ 326 KB
326 KB 203ms
203ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/nevayuki_3-22a.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 964cd5f31bbce941bc59b4d8224385aa8c6f374634c248567b087bb70b133db7

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:53 GMT
Last-Modified: Tue, 15 Mar 2022 20:31:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=93
Content-Length: 333624

GET
H/1.1 200
OK chow-mein1.jpg
userealbutter.com/recipe_photos/ 381 KB
381 KB 198ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/chow-mein1.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 58c6a2f3083e9f6887083d9be0dde85fc435657993390f388846ebcd361642c0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Tue, 15 Mar 2022 20:32:46 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 390245

GET
H/1.1 200
OK chow-mein2.jpg
userealbutter.com/recipe_photos/ 385 KB
385 KB 198ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/chow-mein2.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 4845375fff6ec6faef2f3167b1b79dd684bfbb537018dc5847c73d06e9d85886

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Tue, 15 Mar 2022 20:32:46 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 394089

GET
H/1.1 200
OK chow-mein3.jpg
userealbutter.com/recipe_photos/ 378 KB
378 KB 201ms
201ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/chow-mein3.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 123292efad206b3f02ffe3010a3b4c1b693127f1a750cc0be04ccf975da1b4fd

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Tue, 15 Mar 2022 20:32:46 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=97
Content-Length: 387084

GET
H/1.1 200
OK chow-mein4.jpg
userealbutter.com/recipe_photos/ 213 KB
213 KB 198ms
197ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/recipe_photos/chow-mein4.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 87b41be1e0f9458b66f092992db6e173b6b82078e7241ee5a253b1187d1e2d3e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Tue, 15 Mar 2022 20:32:46 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=96
Content-Length: 217832

GET
H/1.1 200
OK jennevayuki19.jpg
jenyu.net/blog_pics/ 534 KB
534 KB 439ms
196ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jenyu.net/blog_pics/jennevayuki19.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 4b54757f8abfa0df0c9b75a327a4fc1e34d21b4960415b82dd7015958f04b189

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Fri, 01 Oct 2021 03:37:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 546560

GET
H/1.1 200
OK placeholder.png
userealbutter.com/wp-content/plugins/instagram-feed/img/ 176 B
417 B 229ms
198ms Image
image/png 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Last-Modified: Wed, 23 Mar 2022 00:49:41 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=98
Content-Length: 176

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 167ms
105ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

HTTP/1.1

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

dc2c83fecfa8ad6ffbe551e696534de452b1213a4600db6b7c06c84cdc0c3f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7584739235448843842
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 36207
X-XSS-Protection: 0
Expires: Fri, 16 Dec 2022 18:52:50 GMT

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js
https://ap.lijit.com/www/delivery/fpi.js

5 KB
3 KB

176ms
60ms

Script
text/javascript

72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 18:52:50 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"6390d276-1540"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js
Content-length: 0

GET
H2

200

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js
https://assets.pinterest.com/js/pinit.js

361 B
448 B

216ms
47ms

Script
application/javascript

104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: H2
Server: 104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=183
accept-ranges: bytes
content-length: 203

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK wp-embed.min.js Show response
userealbutter.com/wp-includes/js/ 1 KB
2 KB 205ms
199ms Script
application/javascript 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-includes/js/wp-embed.min.js?ver=58b13f4a297e8c0f09aa40969288f75f
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Sun, 19 Mar 2017 03:54:09 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 1398

GET
H/1.1 200
OK jquery.js Show response
userealbutter.com/wp-includes/js/jquery/ 95 KB
95 KB 204ms
198ms Script
application/javascript 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Sun, 19 Mar 2017 03:54:09 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 97184

GET
H/1.1 200
OK jquery-migrate.min.js Show response
userealbutter.com/wp-includes/js/jquery/ 10 KB
10 KB 205ms
199ms Script
application/javascript 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Sun, 19 Mar 2017 03:54:09 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 10056

GET
H/1.1 200
OK sbi-scripts.min.js Show response
userealbutter.com/wp-content/plugins/instagram-feed/js/ 26 KB
26 KB 203ms
197ms Script
application/javascript 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL: http://userealbutter.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.3.1
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 25ea523d2867c1c5a6e150aa0b4df05d77a1a97c5256061dfbfc32d45743be79

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Wed, 23 Mar 2022 00:49:35 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=99
Content-Length: 26184

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

175ms
58ms

Script
text/javascript

142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 17:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 19:15:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK may11.jpg
userealbutter.com/wp-content/themes/jenfood/images/ 64 KB
64 KB 388ms
195ms Image
image/jpeg 64.64.24.127
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://userealbutter.com/wp-content/themes/jenfood/images/may11.jpg
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/wp-content/themes/jenfood/style.css
Protocol: HTTP/1.1
Server: 64.64.24.127 San Jose, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS: vps.jenyuphotography.com
Software: Apache /
Resource Hash: 551ce1f0fb021f9a784efb05469a421d00822b546a823f158254e55237a62965

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/wp-content/themes/jenfood/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Last-Modified: Fri, 13 May 2011 04:43:18 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 65602

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 62ms
61ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=803656934&t=pageview&_s=1&dl=http%3A%2F%2Fuserealbutter.com%2F&ul=en-us&de=UTF-8&dt=use%20real%20butter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAACAAI~&jid=854522704&gjid=467308813&cid=1658744456.1671216771&tid=UA-8340683-1&_gid=1048126748.1671216771&_r=1&_slc=1&z=750233966

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://userealbutter.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://userealbutter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
118 KB 264ms
119ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1442263880097098&plah=userealbutter.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

81c54ac22a26dc38dd2c3c3cee12711d9245d83aedf7bbb4e9645a7cb91c84e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119959
x-xss-protection: 0
server: cafe
etag: 17209742368304883739
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:52:51 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
2 KB 166ms
53ms Image
image/png 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f4.1e100.net

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 02:04:45 GMT
x-content-type-options: nosniff
age: 319686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 13 Dec 2023 02:04:45 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 30CA 80 KB
18 KB 125ms
125ms Script
text/javascript 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 17:52:05 GMT
Server: nginx
ETag: W/"6390d2c5-14179"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
X-Sovrn-Pod: ad_ap2ams1
Expires: Sat, 17 Dec 2022 18:52:50 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 68ms
68ms Script
application/javascript 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.7044900786259973
Requested by: Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=150
accept-ranges: bytes
content-length: 18679

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 30CA 180 B
551 B 57ms
57ms Script
application/x-javascript 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=112622&tid=47723fb33227438cbce0069e43b5ed10b772a5e4&mode=1&dmn=userealbutter.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 683b2bb862c2027272d2b5de8995821b47364fdc9073a9a05dc2f45e98cfb38f

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 162

GET
H2 200 319541377_201323122461983_236336886428266550_n.jpg
scontent-fml2-1.cdninstagram.com/v/t51.29350-15/ 217 KB
218 KB 593ms
196ms Image
image/jpeg 157.240.206.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fml2-1.cdninstagram.com/v/t51.29350-15/319541377_201323122461983_236336886428266550_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=2nfhDamxvCUAX-JBtYI&_nc_ht=scontent-fml2-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfB_z-4czSRhd5F3LRuQ-XDzeCr96vqN8dFSC2X_m1hakQ&oe=63A1A104
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.206.63 Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS: instagram-p3-shv-01-fml2.fbcdn.net
Software: /
Resource Hash: 838db6e729dea68116004be91a4f94144d6c2c74e5aa3053cf62b61f8f8b25a3

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:51 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 12 Dec 2022 03:39:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=977048622
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 977048622
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 222547

GET
H2 200 318542340_439538551712448_6008288079677570818_n.jpg
scontent-fml2-1.cdninstagram.com/v/t51.29350-15/ 345 KB
346 KB 593ms
197ms Image
image/jpeg 157.240.206.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fml2-1.cdninstagram.com/v/t51.29350-15/318542340_439538551712448_6008288079677570818_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=AHJ-0dl2vMUAX_9MB0Y&_nc_ht=scontent-fml2-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCwU_zuvuH-zUOd3kWDud5RxupDZaexvMr5YccFOtH4mw&oe=63A1F1D1
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.206.63 Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS: instagram-p3-shv-01-fml2.fbcdn.net
Software: /
Resource Hash: d2a2a0e82bf89d2a6a7cf045017204a24a7347bca04c2128977380a5b7f4aed1

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 3648269665
date: Fri, 16 Dec 2022 18:52:51 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 07 Dec 2022 00:18:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1484561124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1484561124
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 353515

GET
H2 200 318547149_691961999219487_6500354858253396515_n.jpg
scontent-fml2-1.cdninstagram.com/v/t51.29350-15/ 472 KB
473 KB 592ms
197ms Image
image/jpeg 157.240.206.63
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fml2-1.cdninstagram.com/v/t51.29350-15/318547149_691961999219487_6500354858253396515_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=7B0pe2Lq1uIAX_CzNOG&_nc_ht=scontent-fml2-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfC1MVZeiVD8qKNh1ujVo-n37-34xpuOcneCmM1mBkqfng&oe=63A1BF50
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.206.63 Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS: instagram-p3-shv-01-fml2.fbcdn.net
Software: /
Resource Hash: f647a49a0bfde0fca5a0b2892028297d269df3c7d4f57cba5b437fe82abeb4b7

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 3412001311
date: Fri, 16 Dec 2022 18:52:51 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 05 Dec 2022 00:07:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2638840795
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2638840795
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 483574

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 30CA 827 B
992 B 71ms
71ms Script
application/x-javascript 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=112622&tid=a_112622_2b60b5dd7403433380c242c740bfee85&cb=undefined&mode=1&ifr=true&od=userealbutter.com&time=18%3A52%3A51&fd=1&be=cr&loc=http%3A%2F%2Fuserealbutter.com%2F&orig_loc=http%3A%2F%2Fuserealbutter.com%2F&abf=false&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_112622_2b60b5dd7403433380c242c740bfee85
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 46a1071b43cdbdf267c24917df90d94bd4b3d532a0fa3e030213b8522e7bfb69

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 603

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 30CA 0
199 B 195ms
48ms Script
text/plain 23.44.77.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&pn=%2F&pubid=jenyu&v0=22819
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.77.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-77-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Fri, 16 Dec 2022 19:52:51 GMT

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 4D98 0
0 179ms
63ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_112622_2b60b5dd7403433380c242c740bfee85&rand=6391&informer=4174529&type=fpads&loc=http%3A%2F%2Fuserealbutter.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 16 Dec 2022 18:52:51 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 30CA 4 KB
4 KB 58ms
58ms Script
application/json 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=112622&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 71a60e5ef648fdd99c5041bccf8e88c686eeafc2e275056f81ae29280d2fa285

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 18:52:51 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: application/json
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 3981
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap2ams1.lijit.com/data/ Frame 30CA 43 B
169 B 179ms
58ms Image
image/gif 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap2ams1.lijit.com/data/fp?tid=a_112622_2b60b5dd7403433380c242c740bfee85&zoneid=112622&starttime=1671216771071&adcfg=2&adcfg_response=88&addelivery=91&addelivery_response=163&lgfired=165&beacon=167&container=168&EOL=168&ctstart=0&elapsed_ms=168
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

204
No Content

t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 30CA
Redirect Chain

http://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu
https://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu

0
199 B

81ms
47ms

Script
text/plain

23.44.77.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Server: 23.44.77.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-77-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Fri, 16 Dec 2022 19:52:51 GMT

Redirect headers

Location: https://pxdrop.lijit.com/1/d/t.dhj?dmn=userealbutter.com&GDPR_v2=&pubid=jenyu
Date: Fri, 16 Dec 2022 18:52:51 GMT
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 30CA 43 B
169 B 63ms
63ms Image
image/gif 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_112622_2b60b5dd7403433380c242c740bfee85&zoneid=112622&cid=18&geo=SE&all_tags=590%2C604&tss=62&fired_tags=590&count=1&status=1%2C8&elapsed_ms=62
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 18:52:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
698 B 178ms
63ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=userealbutter.com&callback=_gfp_s_&client=ca-pub-1442263880097098&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1442263880097098&plah=userealbutter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f1ee876d40ac83b2377afc07d8007a4ce7110dd0fa3bdabc3b30568abdeb4443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 176ms
62ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 233ms
84ms Script
application/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D505 80 KB
27 KB 616ms
470ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=5995444990&adk=3894105007&adf=2967099449&pi=t.ma~as.5995444990&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770876&bpp=29&bdt=930&idt=438&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=4208776245271&frm=20&pv=2&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=H5XpeGOOy1&p=http%3A//userealbutter.com&dtd=459

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e9adbe540c20b137e4298489255a392283b11c6e9eae91e0b5963599142e2a75

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDbitDn_vsCFdFFHgIdirwEnA&gqi=g76cY_7FIMTCiQbS0a_gDg&layout=/sadbundle/%24csp%253Der3%24/14111330587700625408/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27071
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDbitDn_vsCFdFFHgIdirwEnA&gqi=g76cY_7FIMTCiQbS0a_gDg&layout=/sadbundle/%24csp%253Der3%24/14111330587700625408/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:51 GMT
expires: Fri, 16 Dec 2022 18:52:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F263 72 KB
30 KB 529ms
395ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=6442770196&adk=471578359&adf=3449149223&pi=t.ma~as.6442770196&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770906&bpp=2&bdt=960&idt=436&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5995444990&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bUAH5rm65T&p=http%3A//userealbutter.com&dtd=440

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

66ed8e598292a76c5e4f103292b1cf27f2fd6430d15df73a97aee1a25eb1bbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29647
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:51 GMT
expires: Fri, 16 Dec 2022 18:52:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F263 0
0 232ms
105ms Fetch
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsJDGg76cY6mMIY_IZaPri-AKh_TV0m3_6JSxgRGE85O-nDEQASDojssRYPGt_IWkH6ABhu-rlQLIAQKoAwHIA8kEqgTzAU_Q-DaOr6JrSYlBC73p68DrbP04pW9gdK1W7TCoD15FZlauJ5HR9GqpjXZFynV23ykcnPMq__D54h7ez9pqvbdgn6pvGZ4wzUXIGZLyz91u8Y_cYj-rl7xC918TuaO3VmGDoAl1XBAZpa45WcDlxb4EhygApXbMqheI80cqivowo7tZAmcJBAkZa0iwdMxhyuleDXWQLPEqvttmUeAPW0NZpaPnHhrBT-hEFVP8jZK3_Ks0u13IdBEPdjeXA4bQfU8wff4hOcDhIrZ7yFXBXYRnVsk9EZNUj4Rx4opozvNZ94ibC9bIgG-CaEq1d4hed1tLq8AEgeXMjv0DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-KQ1OoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrOQC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTQ0MjI2Mzg4MDA5NzA5OBgA&sigh=EgkQ8ECXfLM&uach_m=[UACH]&cid=CAQSGwDq26N9wylUvNM0VeSJFODPlf9jHXw1LpT_fRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=6442770196&adk=471578359&adf=3449149223&pi=t.ma~as.6442770196&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770906&bpp=2&bdt=960&idt=436&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5995444990&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bUAH5rm65T&p=http%3A//userealbutter.com&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=6442770196&adk=471578359&adf=3449149223&pi=t.ma~as.6442770196&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770906&bpp=2&bdt=960&idt=436&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5995444990&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bUAH5rm65T&p=http%3A//userealbutter.com&dtd=440
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 18:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Dec 2022 18:52:52 GMT

GET
H2 200 7925103758569258186
tpc.googlesyndication.com/daca_images/simgad/ Frame F263 47 KB
47 KB 331ms
184ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7925103758569258186

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

8f47862e0019bb76cd37f42031bb82995114d7d8b8798ec5641531c0d304fb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 16:08:02 GMT
x-content-type-options: nosniff
age: 96290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48289
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 12:00:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 16:08:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F263 23 KB
9 KB 208ms
69ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F263 3 KB
1 KB 265ms
126ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F263 18 KB
7 KB 218ms
80ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F263 153 KB
47 KB 258ms
144ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:52:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F263 34 KB
14 KB 300ms
162ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:23:12 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/ Frame D242 97 KB
27 KB 180ms
130ms Document
text/html 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=5995444990&adk=3894105007&adf=2967099449&pi=t.ma~as.5995444990&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770876&bpp=29&bdt=930&idt=438&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=4208776245271&frm=20&pv=2&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=H5XpeGOOy1&p=http%3A//userealbutter.com&dtd=459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

d56b98b9442f625855f4fa5f857136393e3eaee0701f9c0da8071278ebbae069

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 503190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25693
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 23:06:22 GMT
expires: Sun, 10 Dec 2023 23:06:22 GMT
last-modified: Tue, 12 Jul 2022 08:25:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D505 0
0 133ms
106ms Fetch
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqf7mg76cY9CNIdGL-cAPivmS4Am75KLQbdek-I2gEKzc4qmzMBABIOiOyxFg8a38haQfoAGI2-3OA8gBCakCS4_4J6ngsT6oAwHIAwKqBOgBT9BFhKF-HwaTo5jbna6lEmu4FOCyw6QwKsYKExBXb1zu1QcLHGD7j6ZQQQex3kD6WBqLWzsChRnUY49_-mT8HOXkwHAqEM4Nscqj6c93Yktk-yR1xgmrrJS2fv288GQH4xFIYhD4j69G8GBNWmD46FUo4D3geXJKGDTNLzGciRxT2BHASuHYSfmpLKbgHe4lUOQyRuypUAcyj5WJk0G___tDosqoKSGL7gQbV7MQTZoORM8u3bghVqBZp-6fGEmAyC9HutBMomHP35_mWXEcB2sB8uw4euUlJniEN1bZ8g4op9OPnh4CqMAEsfjysMwBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB-CkkjGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCCtwnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNDQyMjYzODgwMDk3MDk4GAA&sigh=H_3ch0yqQcg&uach_m=[UACH]&cid=CAQSGwDq26N9H7BfG64kXJDMfyGWFFLZsVlC3A49oxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=5995444990&adk=3894105007&adf=2967099449&pi=t.ma~as.5995444990&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770876&bpp=29&bdt=930&idt=438&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=4208776245271&frm=20&pv=2&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=H5XpeGOOy1&p=http%3A//userealbutter.com&dtd=459
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 18:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Dec 2022 18:52:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCE3 143 B
166 B 88ms
62ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=5995444990&adk=3894105007&adf=2967099449&pi=t.ma~as.5995444990&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770876&bpp=29&bdt=930&idt=438&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=4208776245271&frm=20&pv=2&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=H5XpeGOOy1&p=http%3A//userealbutter.com&dtd=459
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:41:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D505 3 KB
1 KB 174ms
127ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D505 18 KB
8 KB 110ms
63ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D505 153 KB
47 KB 95ms
73ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:52:52 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 140ms
73ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=BNTjJrYWcUHp&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fuserealbutter.com%2F&viaSrc=canonical
Requested by: Host: userealbutter.com
URL: http://userealbutter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 16 Dec 2022 18:52:52 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 3
x-pinterest-rid: 4527094559760655
content-length: 0
x-served-by: cache-bma1672-BMA
pragma: no-cache
server: envoy
x-timer: S1671216772.108416,VS0,VE43
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCE3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

86ms
86ms

Document
text/html

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
expires: Fri, 16 Dec 2022 18:52:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D505 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeb5711b8bb49d3dd019234018423f8b90dac9731afae03d8aa6e9a4cea078f9

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2AD 143 B
166 B 65ms
63ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&h=600&slotname=6442770196&adk=471578359&adf=3449149223&pi=t.ma~as.6442770196&w=160&lmt=1671216771&url=http%3A%2F%2Fuserealbutter.com%2F&wgl=1&dt=1671216770906&bpp=2&bdt=960&idt=436&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5995444990&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1185&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=3191363317482379&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bUAH5rm65T&p=http%3A//userealbutter.com&dtd=440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:41:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F06C 247 B
962 B 615ms
480ms Document
text/html 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

1862bb96bff3102ada190f1c91af7683c46f30868ba808c1c01a422eae752f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-UvlES9Py91KfPJ5VL0RWvA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D242 3 KB
1 KB 180ms
62ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:regular|Poppins:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

f51b9e37727efdf06fcda2eee0d3042d8e91578ba41383a11bb199df8773ce4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 18:47:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 18:52:52 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D242 16 KB
6 KB 312ms
62ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 04:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Dec 2022 04:12:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D242 34 KB
13 KB 318ms
69ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:59:13 GMT

GET
DATA 200
OK truncated
/ Frame F263 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 906b654699eb8060d92aa2608813bf84093bc8f0cb893ae9a2e74c063e9d8d4c

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
85ms

Document
text/html

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
expires: Fri, 16 Dec 2022 18:52:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame D242 8 KB
8 KB 168ms
55ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:regular|Poppins:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:04:56 GMT
x-content-type-options: nosniff
age: 74876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:04:56 GMT

GET
H3 200 azul_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/ Frame D242 16 KB
16 KB 63ms
63ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/azul_1.png

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

c633b8b9749d6b389312c815a4a57fae1b7f3b52f35783cea8106e837e9d6100

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 23:06:24 GMT
x-content-type-options: nosniff
age: 503188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16844
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 08:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 23:06:24 GMT

GET
H3 200 rojo_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/ Frame D242 16 KB
16 KB 100ms
100ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/rojo_1.png

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

5e1ea3a3b0a6bf317e70e290caca233cba5c2a5528c5daced089542f01371ccf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 23:06:24 GMT
x-content-type-options: nosniff
age: 503188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15902
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 08:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 23:06:24 GMT

GET
H3 200 Screenshot_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/ Frame D242 36 KB
36 KB 78ms
77ms Image
image/jpeg 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/Screenshot_1.jpg

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

c025889b1f06dee035186584acf014abcff928341d17b3f8fb772f4e0c8ef41c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 23:06:24 GMT
x-content-type-options: nosniff
age: 503188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36814
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 08:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 23:06:24 GMT

GET
H3 200 iframe.html Show response
p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame F06C 4 KB
2 KB 182ms
65ms Document
text/html 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

93a18a6cb226c952467acb3e73c04e2e976359feb1b53e04865c09137462ab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1861
content-security-policy-report-only: script-src 'nonce-lm69vu1zoEjujtX2rtyyvA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Screenshot_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/ Frame D242 36 KB
36 KB 62ms
62ms Image
image/jpeg 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14111330587700625408/Screenshot_1.jpg

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

c025889b1f06dee035186584acf014abcff928341d17b3f8fb772f4e0c8ef41c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 23:06:24 GMT
x-content-type-options: nosniff
age: 503188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36814
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 08:25:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 23:06:24 GMT

GET
DATA 200
OK truncated
/ Frame D242 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B89A 36 KB
16 KB 188ms
62ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 19:50:35 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 148ms
147ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

0600a76eba660e3c9b414fa1294a743b5464af36508adccbd399a7fe3333b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49634
x-xss-protection: 0
server: cafe
etag: 1757565098872748736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:52:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 233ms
108ms XHR
application/json 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

ee17c811b0c2eebacecf6c3e56d868341bf2abbd838d3d72e94505156c4b69fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12543
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 7DE3 10 KB
4 KB 63ms
62ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 57803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 02:49:30 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 02:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 212ms
84ms Script
application/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 212ms
84ms Script
application/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F05 224 KB
52 KB 881ms
880ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1442263880097098&output=html&adk=1812271804&adf=3025194257&lmt=1671216773&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C236x1080_r&format=0x0&url=http%3A%2F%2Fuserealbutter.com%2F&ea=0&pra=7&wgl=1&dt=1671216773553&bpp=3&bdt=3607&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a8a125abf1957eb-2292521115da0030%3AT%3D1671216771%3ART%3D1671216771%3AS%3DALNI_MZgK1StNPnjcEK9snb029oa1yWo_w&gpic=UID%3D00000b9386a49148%3AT%3D1671216771%3ART%3D1671216771%3AS%3DALNI_MZchsNV1dEHnflNKYu8pVaArtugNg&prev_slotnames=5995444990%2C6442770196&nras=1&correlator=4208776245271&frm=20&pv=1&ga_vid=1658744456.1671216771&ga_sid=1671216771&ga_hid=803656934&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&psts=ACgb8tuj15JZoTMzNDrheoP0fNLomRySh-9NnG4ukG-SlirDtdpIzaHPIpNMRWIsqDVFKp2LpHpz0j1yPfuwbbU%2CACgb8tst6d0CHY71niiKbKJfOSAlSOrmJkoVbWSDyP2V9-c0N2TVCaC7E8tkOIMHr9Fk-N36rCT13M-8mErfMOYsgQ&pvsid=3191363317482379&tmod=1291015597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

674005b2f0f7345de9473e45b3621e72a841e357d9b5ed2a8f1e54ff94413370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 52882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 113ms
113ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:52:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A832 13 KB
5 KB 63ms
62ms Document
text/html 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 104222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 13:55:51 GMT
expires: Fri, 15 Dec 2023 13:55:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 95E2 783 B
534 B 63ms
63ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f4.1e100.net

Software

GSE /

Resource Hash

22ca4dcabd063fd4535b67b378b88f5f72cfddccb8ce700c08c0d0816b514973

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IM1yZuLOyqhttBbQ0BNqjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-IM1yZuLOyqhttBbQ0BNqjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:52:53 GMT
expires: Fri, 16 Dec 2022 18:52:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 95E2 0
0 94ms
94ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3191363317482379&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s43-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A832 36 KB
16 KB 63ms
62ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 19:50:35 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 139ms
139ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

d0ce876436680a700941c7a3994d814430123af28cdd69e9bcf9b296be0b2c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52347
x-xss-protection: 0
server: cafe
etag: 1920515656204554960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:52:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A832 0
10 B 62ms
61ms Image
text/plain 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_9esmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s34-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 87ms
87ms Script
application/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 88ms
85ms Script
application/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=userealbutter.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame BD86 10 KB
4 KB 63ms
62ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 50438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 04:52:16 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 04:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 2A74 10 KB
4 KB 66ms
66ms Document
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://userealbutter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 50438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 04:52:16 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 04:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame BD86 9 KB
4 KB 190ms
63ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame BD86 10 KB
4 KB 196ms
70ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD86 8 KB
895 B 180ms
67ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 17:23:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 18:52:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BD86 2 KB
765 B 66ms
63ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:18:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame BD86 23 KB
9 KB 67ms
63ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BD86 3 KB
1 KB 72ms
69ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BD86 18 KB
7 KB 67ms
64ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD86 153 KB
47 KB 179ms
66ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:52:55 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame BD86 34 KB
14 KB 185ms
62ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:26:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2A74 2 KB
765 B 62ms
62ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:18:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2A74 23 KB
9 KB 64ms
61ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2A74 3 KB
1 KB 73ms
71ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 07:04:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2A74 18 KB
7 KB 67ms
65ms Script
text/javascript 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A74 153 KB
47 KB 172ms
88ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:52:55 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 2A74 34 KB
14 KB 171ms
77ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:26:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ABBB 1 KB
643 B 63ms
62ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 41091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ABBB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1&google_push=AavPq0Oc875D8VoUGZ7WVFoQLl-mdi7Si5FrKWPZV9oGSVNt9oFiO75gd7Vh4mhF6fBYnGcCGhme9c-kzmWdXgoI6znM_LLrIQyOR1Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUxMTYyNDQ1MzUxMjc1NDA4MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1

43 B
398 B

91ms
51ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGon5oQBNP3BpY9-ajTTHxg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABBB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U1g5akl5cXMxUDZmUGg1&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjham...

170 B
188 B

119ms
71ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U1g5akl5cXMxUDZmUGg1&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjhamFmqDyy2m-0Tl3DNMekQ6W_KOfBdszwWrF2RYgT4Uiwk-apN9PcvMhug

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 18:52:55 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U1g5akl5cXMxUDZmUGg1&google_gid=CAESEFB0K3cKxyuELfnXDYLYYQM&google_cver=1&google_push=AavPq0NGOjW90lAyidkOfcCuUg57cYoE7QT7DHTI1yWjhamFmqDyy2m-0Tl3DNMekQ6W_KOfBdszwWrF2RYgT4Uiwk-apN9PcvMhug
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABBB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFflIuRaCz-p4qJE88WQg-Q&google_cver=1&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0Ma...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0MaUbme4qg1mRP5bw

170 B
188 B

179ms
70ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0MaUbme4qg1mRP5bw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 16 Dec 2022 18:52:55 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x12 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NcgpuJ8y_775ySAjpEUgSvlexOBHBBfMd-NZyua2vzpfkduMsNBtmiJerPxU9Tec-SpuRVmuhDBuevJ0MaUbme4qg1mRP5bw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 16 Dec 2022 18:52:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABBB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFxbJvtQRU4LpQYrpeWn9-0&google_cver=1&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG3AMEE-nv4OaA8l9k
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3AE4549DDB549CFBAC5EE699E0991DF&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG...

170 B
188 B

192ms
70ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3AE4549DDB549CFBAC5EE699E0991DF&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG3AMEE-nv4OaA8l9k

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Dec 2022 18:52:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3AE4549DDB549CFBAC5EE699E0991DF&google_push=AavPq0M-eW5YOGRcRaaLf3ellfse51TDUP8ulWb7132eG9Tmpmvu2KYR8adgEripXxCbxogJeZi01LqKMAt3rYG3AMEE-nv4OaA8l9k
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 15 Dec 2022 18:52:55 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame ABBB 0
191 B 173ms
48ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHBwLWLkWwJ9zJ7jMCfZd6U&google_cver=1&google_push=AavPq0PJntM3aja-X1YGq6jHjikJQkxUG68DMNJnSsvvGoNJGjit_V80uNroQKa1QA4nzxzn1VRnXAoGspLyKjKFKNvLMiVYGsaUhk4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 16 Dec 2022 18:52:54 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ABBB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELcWVpvl05TNUrVwGJksA18&google_cver=1&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GA...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o30DsPPfRu-EID7IrAamjQ2&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GAVKUNn8wGIbD13w8

170 B
329 B

69ms
62ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o30DsPPfRu-EID7IrAamjQ2&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GAVKUNn8wGIbD13w8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Dec 2022 18:52:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o30DsPPfRu-EID7IrAamjQ2&google_push=AavPq0OuCoWkiidTdTl8eML-XauFC6HenthWUsoozgwfPA22-tBb8SgziCEQpZACDNrcUvYxIqoWSyS9eyuoh9GAVKUNn8wGIbD13w8
x-host: tde-deliveryengine-production-769c9db745-v2klc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABBB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI3xvvbgx0oVb0-ujeUibh0&google_cver=1&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI3xvvbgx0oVb0-ujeUibh0&google_cver=1&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIwNTQzOTkzNDA3NzAxOTg4Ng&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYp...

170 B
188 B

140ms
63ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIwNTQzOTkzNDA3NzAxOTg4Ng&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeRp4_wv1iFdyNq0Nr8fHOcBis

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIwNTQzOTkzNDA3NzAxOTg4Ng&google_push=AavPq0MdrUegmooEbgHWwHAHkyCv1GmVfaTVG-sbpwqSTSEa5JwnL_0yR1PUm6PN64pvrxUWdM5vYpeRp4_wv1iFdyNq0Nr8fHOcBis
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ABBB 0
223 B 180ms
60ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSJOmi0bIMHvkMCny8OJN-6LkV0N5coY2ZnVR7tqH5aFdzGgpMIS0MmOPjW7hp2jhpsz7X

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5664160566828079546/ Frame BD86 7 KB
7 KB 63ms
63ms Image
image/png 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5664160566828079546/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:34:59 GMT
x-content-type-options: nosniff
age: 379076
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7449
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 13:24:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Dec 2023 09:34:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD86 0
0 106ms
106ms Fetch
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Ay5hb6cY_G_J7uS-cAPx82cCNDc77dty_KEkMYQlL-1q64BEAEg6I7LEWDxrfyFpB-gAbeYgaIoyAEBqQI_jnD8oz97PqgDAaoE5wFP0FOS60vAjTL79e-U0bTWlbnLbheIjTaxbgp2tx6tbwQCE4L2Y6LhMjVwUIQaJuzdqTnqFgmV1LaLKbfMq-r4D1e7pBvPaob8gNTNWb9smx2lHbe_d6f9A4bWraT70BN3T46i6hkGp-hfH4EcPuS7O3QZDfd2XJIEcv6voeZoQKUeekz-b3Jai5Fq843kbABHKYqJ0FbdhwxpToLierIE61kTj358mjTTzQtSGWISs2TqyXNCFEq7lLrKW27g8Eeea-dIVaoJyJwUxtTNawJH7YoC_QEnIe_owLNhyiu6HHFwQhD1bJTABKbUhKWKBJIFBAgEGAGSBQQIBRgEgAfTnfviA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK3EAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQB0BUBgBcBshccChoIABIUcHViLTE0NDIyNjM4ODAwOTcwOTgYAA&sigh=0ofXiH_X7EQ&uach_m=[UACH]&cid=CAQSOwDq26N9gbjlrk7PF_1Pw25DrXigC3P57nHll5BPM94iwgLel1mhnhq7BNEImm0pvzVzFY06rFoYtykxGAEgEw&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 18:52:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1EF4 1 KB
643 B 63ms
62ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 41092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275fdb301e34d3ef110600de37282e61d155ca782644aacff314651c8d7fceff

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1EF4 0
104 B 253ms
101ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMdMMs3Vnx4mWFUWuNf0cZw&google_cver=1&google_push=AavPq0P2asjrJ54tvN6p0SMu56NvUz4-xnfXkxJAbMnua8UB9753uA6pNvFpBefDb-szs1tGSkhk0bGpjk8NOgQT3_0OpJm4zQ3ZnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-login.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKubHN1FH8Phw7-FQb7wWs0&google_cver=1&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3c5mUtGw&google_hm=eS1yUnY4eU8xRTJwRnJn...

170 B
188 B

64ms
63ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3c5mUtGw&google_hm=eS1yUnY4eU8xRTJwRnJnbjh4aGczSi42bVg3VHRfbkhfM35B

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Dec 2022 18:52:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0MvyF1z067WZjdKUl2z1u1a3d3O860jn_r2tMM9GsE4xRgCA9qoiwzXuRGzc9SMoITvG6Qz3i5V8L8PMp7i9AxCPP3c5mUtGw&google_hm=eS1yUnY4eU8xRTJwRnJnbjh4aGczSi42bVg3VHRfbkhfM35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_hm=Y5y-h9qGqamIZOqFymlsvwAAApgAAAIB&google_nid=index&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-...

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_hm=Y5y-h9qGqamIZOqFymlsvwAAApgAAAIB&google_nid=index&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-9q99rcsh96i2hUgXpY4B2KitIPHj-vGqjVX59k2_hvPCk4tYQZf6SJqIFoLS4fB

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ98NwiTrt6UtmKUg5qEJ%2Bd8qbDgBIbfTyiCWRUgJD%2BlHTrUVqJ5gQlZ1H%2BvDsTyKZ2QW3smxZVfZvGuQveWF8AWJsg%2BlF5zYlaIFn%2BJmUfFAjlKDYtJGjBi0CGp7nj1CEjqZBLOMILBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwfbKxbtZ2FYRLZYXfB7PA&google_hm=Y5y-h9qGqamIZOqFymlsvwAAApgAAAIB&google_nid=index&google_push=AavPq0N_BvhMW3eEh4mZdfAumlozN3Dz6RnT-9q99rcsh96i2hUgXpY4B2KitIPHj-vGqjVX59k2_hvPCk4tYQZf6SJqIFoLS4fB
cache-control: no-cache
cf-ray: 77a99e6e8fb509af-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEId4tRGkUhWhpO_WPibBrXI&google_cver=1&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY6oQOJMgLOtiyRg

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY6oQOJMgLOtiyRg

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Dec 2022 18:52:55 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O85RGSUFt55D0joA-v931Oh3P40bEvD2_EW_3tqIpwA7ymRA57AJ-P3vSHQoTRCqc2aaqOimVOK81qrBiY6oQOJMgLOtiyRg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: nITTv21YD6xHSZCh8Zbw7I0kN-9c1ZLbIdrEV1adW_0Sow47ZbtZTg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB_k0X6_XN5jUnN8b3WmoLI&google_cver=1&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB_k0X6_XN5jUnN8b3WmoLI&google_cver=1&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWXozTWlsRTJ1RTJyUmhiMTVFTzRxakcyU1JjcUFsc35B&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5Rk...

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWXozTWlsRTJ1RTJyUmhiMTVFTzRxakcyU1JjcUFsc35B&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR7ruu32KsOBowynurNHFWTfdda_

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWXozTWlsRTJ1RTJyUmhiMTVFTzRxakcyU1JjcUFsc35B&google_push=AavPq0PRcFV0bUCtqSi2_07YuZAUZMTZGGBppfi4F5FmRc60_kA7ta5RkL4g3mUTUI_dL-xPSR7ruu32KsOBowynurNHFWTfdda_
date: Fri, 16 Dec 2022 18:52:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEOXyav2oZ51577oVBq7Qdyw%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzg0ODAxOTc2NzA2NDY3MTIxNg%3D%3D&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_P3QUplC8ND_KgwBEI...

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzg0ODAxOTc2NzA2NDY3MTIxNg%3D%3D&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_P3QUplC8ND_KgwBEIAEZF291BmW2zsg1TrXYImVIgTlZC_5CLlLd5tXWH7ty0HJ3lG-gSCc1L61-sWzCxme5Y8

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 16 Dec 2022 18:52:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.147.213.55; 185.147.213.55; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 899592f5-adb3-46d0-b9ed-d36bcd23d832
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzg0ODAxOTc2NzA2NDY3MTIxNg%3D%3D&google_gid=CAESEOXyav2oZ51577oVBq7Qdyw&google_cver=1&google_push=AavPq0MWr2doupQM_P3QUplC8ND_KgwBEIAEZF291BmW2zsg1TrXYImVIgTlZC_5CLlLd5tXWH7ty0HJ3lG-gSCc1L61-sWzCxme5Y8
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EF4
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMUjYWoqJ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMU...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=98f091cf-df9d-4fc7-a50d-85301c4d62d2&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

64ms
62ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=98f091cf-df9d-4fc7-a50d-85301c4d62d2&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=98f091cf-df9d-4fc7-a50d-85301c4d62d2&%%GOOGLE_PUSH_PAIR%%
date: Fri, 16 Dec 2022 18:52:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1EF4 0
49 B 62ms
60ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kw0v8zKmahSNXcLACNfH6tMYbHYN5fmEoMEzlr0oc92m8MQRwz5FBO2Tro9fWARXQqGiekhDBE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 16310420922274058578
tpc.googlesyndication.com/daca_images/simgad/ Frame 2A74 8 KB
8 KB 144ms
143ms Image
image/jpeg 142.250.180.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16310420922274058578?w=180&h=320

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f1.1e100.net

Software

sffe /

Resource Hash

ac38e34dc6837cb77096f7682223f5cd526ddde20fede40af2545dc8d260b8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:52:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7991
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 10:03:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Dec 2022 18:52:55 GMT

GET
DATA 200
OK truncated
/ Frame 2A74 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98d841642246ff955c080f3b23cf108ff2a02dfefbaf02c7a0118def7cfbe591

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E3ED 36 KB
16 KB 66ms
63ms Script
text/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: userealbutter.com
URL: http://userealbutter.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 19:50:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A74 0
17 B 106ms
105ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7yJthb6cY_K_J7uS-cAPx82cCPzFuvxthoXywNwP6Yj86dIIEAEg6I7LEWDxrfyFpB-gAbeYgaIoyAEBqQI_jnD8oz97PqgDAcgDywSqBPIBT9DxFfy_E2c-5y4QC0N85UHPhOdd2adoxXgLZ9cn4qLIy8NTjMv9_GeannKw3e6dVgeIW_XNRjdqPlQ-NNxlPMS51hSZwQdnz5_fSdxcZFKQotGoQII2b-usGz4-BNh9QCM4wGzHRFOsv7JqJyEbGTmeHPdomPL-3-ZlM9TlejH9JouumlvFkn0bNJOZugBiRH-zosbhQah0yQVZe6SJcwiBJe54GKPbMcu7lGDqx9Ptz2mWlcl-OuOY6bJu2i-d29EUrt5SA7YlJSPjXtIIKipLHRmg635jQHjjyse9_E8ymkoNp4emlpV104jvHgKUUe_ABPjs9JaGBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAexm_msA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL7wBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTE0NDIyNjM4ODAwOTcwOTgYAA&sigh=2vHBohkKQL0&uach_m=[UACH]&cid=CAQSOwDq26N9gbjlrk7PF_1Pw25DrXigC3P57nHll5BPM94iwgLel1mhnhq7BNEImm0pvzVzFY06rFoYtykxGAEgEw&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 18:52:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD86 42 B
64 B 107ms
105ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHDQIljS3r8kfhTpE355YqHU7bN_Aq46WHJsTWo4o7LXkX2GMw5Zcsxoc21xeZKFejpQvJ1lE0UsxtQphn7uR2FkDvOiGGFzY8qr-1jXTprsj4KSiCkBGmm4LIivLlJefB9jQlZA&sai=AMfl-YTKvFuCk3gODZFOY544Wq0h5sAs6A80xj9nTSar7IoQNs5R7Ii3T-Vm2uYIer7jHQA_C10Jh8whQZpvcCwwCYaZ-LmIjLDe_8C3i99T3pd7qAa3wTdy30MaLTNr4g&sig=Cg0ArKJSzGUSCiyoTIYxEAE&cid=CAQSOwDq26N9gbjlrk7PF_1Pw25DrXigC3P57nHll5BPM94iwgLel1mhnhq7BNEImm0pvzVzFY06rFoYtykxGAEgEw&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=153,836,1000,1000,1000&tos=153,683,164,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1671216774781&rpt=431&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A74 42 B
64 B 105ms
102ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudsoTsNHpl1F7lxCOaVmhX05Uc95DtAlTfeqjo53yJloaDCx6zIacjnOyHO4qmD29-FO2MMFieNpRZheEDLP2_FEffZ_0Pt5B0c2qyACzjCcENhkuFvxx-rg4R8XvQnryMZw15-Q&sai=AMfl-YQbaC413oG7JVj9srPxVfQcN2XNJa1N-zdGpESxCSQpSqmoWDyIZVkEZluefyb3vV9DZRBHsh7j3X1vZ31iAz0JAuTU4YcBUawFGKWvrvHzb8fhebxkaMgvZ-II6Q&sig=Cg0ArKJSzB7Zs53rx_UREAE&cid=CAQSOwDq26N9gbjlrk7PF_1Pw25DrXigC3P57nHll5BPM94iwgLel1mhnhq7BNEImm0pvzVzFY06rFoYtykxGAEgEw&id=lidar2&mcvt=1002&p=-90,0,410,180&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1671216774792&rpt=435&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3191363317482379&bg=!cnGlcTXNAAYgquz3AKo7ACkAdvg8WpLyMxcMDGvP1Po08S8INRRvsU7IapOJOfTpdxraO2Voj47d6AIAAABwUgAAAAJoAQeZAtTXZ7L1ecIEyqBi8mFesKWojxxSqiW4kYIQYPf3ljfC99k8w06sBt25lA84grO9CZaRUT_IcpwozOwVx5zO3KG31Z5ivo7dmHt3G15UAXarxBHR_FXyiaMSPA7in3WA7j-R0UhrznkV24w0dMbhl1oCWyBQDNH33kZ3jF5wbrU03rL4Anxs4FNZ_T0l1yPb4uT_H2XeqO4okoEy9fk5ia9IWYAkSDX1fTDhayLUrSstJfZM2_3bbwBAOW7jaeGWHj5E06uFVHtdFuWwk1h7BINmfQQc2dqSkfeXNLLsEVCa8JNmKmqYbn9NXZm7cgx4UjtcxpeGPJGTqxlhYr1_CB3MxtIYzo90svu8MOjq034asWBs5b65zBqFyMinP2YQ67S5ktmIrCyY1yHLX13xFOw2-uhJL4sr-5oXpyoON7JKeI-j48m7YAqhyrcN07e9cbk_N4WOi-aY8yEc9RjZ1xJQgtkQE8FIaY4XivZCMjUCEx_4gURpPzZHAIjyMCPJ_LXaOerNmA_EO--MjoCMAyc8gRjw51k5itZwAF0v9VTG6ewr3ABMPW9C32KruCyxMJiYz-vmrfulai7JQb2rp8TjWYt-EE62UEiO4-XfwwgNisVX-VArz5OxGPnxQVsXwE-E3iZ4F-SeYNiZf67SLYTVVK--wC0gaMWvALdSR4BTJVBAKim-r1oLcsLbtNWlmpgtQJkZ0Zy_Zdk9_nhIUYgUuHwDSNrwH9DRr1m5VdTGnn02icanxNAGAOID6iCCp03oYTS6Y5RviZpWv7E_4a4Kvgy8WS-v96_kgj4p9cMqQym2Kl1o1WaBgJ8Raj2Nr8y7YxXkwf6_eR7R4tMFuQ-Ld4pAETMJ9_wYBWMHb--7wAAR1QQpbyJ4H6KSZsR59kNhSJjVV36lfGij2203PjGDg_xEXzTgONlbJAIJrciHor2Tfh85MpWP__fmXfHfqbMcnAM4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s43-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://userealbutter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.userealbutter.com/	1970-01-20 17:49:36	Name: _ga Value: GA1.2.1658744456.1671216771
.userealbutter.com/	1970-01-20 08:15:03	Name: _gid Value: GA1.2.1048126748.1671216771
.userealbutter.com/	1970-01-20 08:13:36	Name: _gat Value: 1
.lijit.com/	1970-01-20 08:56:48	Name: ctag Value:
.userealbutter.com/	1970-01-20 17:35:12	Name: __gads Value: ID=2a8a125abf1957eb-2292521115da0030:T=1671216771:RT=1671216771:S=ALNI_MZgK1StNPnjcEK9snb029oa1yWo_w
.userealbutter.com/	1970-01-20 17:35:12	Name: __gpi Value: UID=00000b9386a49148:T=1671216771:RT=1671216771:S=ALNI_MZchsNV1dEHnflNKYu8pVaArtugNg
.doubleclick.net/	1970-01-20 17:35:12	Name: IDE Value: AHWqTUkuQ-vwYiWOmzdAMZSyVDp2GQgFrlFewjZ3u6igiUBEN5Gl9LAns7Hzv_xXtgo
.doubleclick.net/	1970-01-20 08:13:40	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-20 17:43:51	Name: _tracker Value: %7B%22UUID%22%3A%22A37D03B0-F3DF-46EF-8420-3EC8AC06A68D%22%7D
.adform.net/	1970-01-20 08:58:15	Name: C Value: 1
.simpli.fi/	1970-01-20 17:00:39	Name: suid Value: E3AE4549DDB549CFBAC5EE699E0991DF
.mathtag.com/	1970-01-20 17:39:31	Name: uuid Value: 77a7639c-be87-4500-ba01-aaff061b8ed2
.mathtag.com/	1970-01-20 08:56:48	Name: mt_mop Value: 4:1671216775
.turn.com/	1970-01-20 12:32:48	Name: uid Value: 7511624453512754080
.w55c.net/	1970-01-20 17:43:51	Name: wfivefivec Value: SX9jIyqs1P6fPh5
.adform.net/	1970-01-20 09:40:00	Name: uid Value: 5205439934077019886
.w55c.net/	1970-01-20 08:56:48	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 10:23:12	Name: uuid2 Value: 7848019767064671216
.casalemedia.com/	1970-01-20 16:59:12	Name: CMID Value: Y5y.h9qGqamIZOqFymlsvwAA
.casalemedia.com/	1970-01-20 10:23:12	Name: CMPS Value: 664
.casalemedia.com/	1970-01-20 10:23:12	Name: CMPRO Value: 664
.analytics.yahoo.com/	1970-01-20 16:59:12	Name: IDSYNC Value: 18yx~28vu
.yahoo.com/	1970-01-20 16:59:34	Name: A3 Value: d=AQABBIe-nGMCEJvlGzATCjvIlxzQ_17iNe4FEgEBAQEQnmOmYwAAAAAA_eMAAA&S=AQAAAqfKSDHYOna8bllYWlVqEfo
.bidswitch.net/	1970-01-20 16:59:12	Name: tuuid Value: 98f091cf-df9d-4fc7-a50d-85301c4d62d2
.bidswitch.net/	1970-01-20 16:59:12	Name: c Value: 1671216775
.bidswitch.net/	1970-01-20 16:59:12	Name: tuuid_lu Value: 1671216775
.casalemedia.com/	1970-01-20 10:23:12	Name: CMTS Value: 4437

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-1442263880097098&fa=1&ifi=5&uci=a!5&btvi=2&xpc=EaCvJsi7kZ&p=http%3A//userealbutter.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.se
ap.lijit.com
assets.pinterest.com
c1.adform.net
cm.g.doubleclick.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
jenyu.net
log.pinterest.com
p4-axsfuy4oinjpi-ztb4ve2agaruztvg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pxdrop.lijit.com
r.turn.com
s.ad.smaato.net
scontent-fml2-1.cdninstagram.com
secure.adnxs.com
ssum-sec.casalemedia.com
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
userealbutter.com
vap2ams1.lijit.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.userealbutter.com
x.bidswitch.net
104.18.33.19
104.84.56.209
13.32.27.108
142.250.180.194
142.250.180.225
142.250.185.163
142.250.185.170
142.250.186.142
142.250.186.162
142.250.186.163
142.250.186.34
142.250.201.195
142.251.208.162
142.251.39.66
151.101.0.84
157.240.206.63
172.217.16.132
172.217.18.2
185.29.132.245
185.89.210.141
216.52.2.30
23.44.77.178
3.126.18.125
3.126.56.137
3.75.169.179
35.190.0.66
35.204.158.49
37.157.6.254
46.228.164.11
52.50.178.15
63.215.202.140
64.64.24.127
72.251.249.13
98.98.134.241
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0052eb2cab97a7543729095c6f50c2021b871c9e108c3cd2e41f876d5aa9eb68
039a8faae1b0fe8bdfb0023edc2ad4684399fd90b8039f00ea4e750ecf0d87f5
0600a76eba660e3c9b414fa1294a743b5464af36508adccbd399a7fe3333b2a8
08dadde7d6c5c874026bcd9a63aad67a85e56715335c2a402f8842885b401e7f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
123292efad206b3f02ffe3010a3b4c1b693127f1a750cc0be04ccf975da1b4fd
161e4da315200f54f94f7c276e0517a397d069c5aef87744898a530ae13c7c96
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1862bb96bff3102ada190f1c91af7683c46f30868ba808c1c01a422eae752f16
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19bfee771cc9421a451095fba82d1b4ea4eb4f29d0f2bd83fdc97b302fee3b1f
1d54c06b58348e2c749761b0f365228c4a453e284fd2156ff7b1f04cdeeac794
1eee05fddbbd87d0140e01af2ee16e7676ee9742fe8f9c970ea87a940d012714
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
22ca4dcabd063fd4535b67b378b88f5f72cfddccb8ce700c08c0d0816b514973
25ea523d2867c1c5a6e150aa0b4df05d77a1a97c5256061dfbfc32d45743be79
275fdb301e34d3ef110600de37282e61d155ca782644aacff314651c8d7fceff
2cb5b99876ce7bb6fe1a5643c550e576eb1dfe22a5ef98df102f57a2df5c979e
2dbd85c0773b1c842600ba76b5ac903d6cf169cfcf8756a576479a1d3aabb92d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3e9fcd985f209a211646a4e9c68018153a5b69a6d4f687f22c55c900781edc8e
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
404b0bc6f9586e03476df9d7ac6dec0727ffc8f4da21677073d9a2237f96fe03
42af13475a2767db6e825f9acb6ed615906e283e173ece8218c6cb9b5b51c766
46a1071b43cdbdf267c24917df90d94bd4b3d532a0fa3e030213b8522e7bfb69
4845375fff6ec6faef2f3167b1b79dd684bfbb537018dc5847c73d06e9d85886
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bf829f067190e551daab4ab399e82d5a207df20bc22de93b75790691c3a8bb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e
4b54757f8abfa0df0c9b75a327a4fc1e34d21b4960415b82dd7015958f04b189
50629437c091d1cd037c2c594dc16e1a76ff58420c9b2c4661d44e920a2710b1
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
551ce1f0fb021f9a784efb05469a421d00822b546a823f158254e55237a62965
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c6a2f3083e9f6887083d9be0dde85fc435657993390f388846ebcd361642c0
59697195a011e5cba92ee4a88baf807b1ea52a716f6363b45420a2994ad0ee79
5e1ea3a3b0a6bf317e70e290caca233cba5c2a5528c5daced089542f01371ccf
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60397acc32f9354a9a34c9eb3ef6d360a42ea6a8e6b91680ba549466644fc4da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
6679bcadf5f4182ac60ed40f42bda02d1a33d1ea03b2291928c484db68de72fb
66ed8e598292a76c5e4f103292b1cf27f2fd6430d15df73a97aee1a25eb1bbd6
674005b2f0f7345de9473e45b3621e72a841e357d9b5ed2a8f1e54ff94413370
683b2bb862c2027272d2b5de8995821b47364fdc9073a9a05dc2f45e98cfb38f
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
71a60e5ef648fdd99c5041bccf8e88c686eeafc2e275056f81ae29280d2fa285
78bcf6b9c637f6ddaa1e751eebda8347f3f6228e6b43db17da0c2835df5c5b3e
78da242864284f439e9dcfceb499748adc062ba48f4bed77e67837ebd2062a00
78ef47b85d5ef153d71ae2e8b06258576f75fb458363e583ec527f318bd15fa0
80a6a2146981baddc9e92b78ea1dfae31666d7fd6a37e51c12af7e5c15d21312
81c54ac22a26dc38dd2c3c3cee12711d9245d83aedf7bbb4e9645a7cb91c84e6
838db6e729dea68116004be91a4f94144d6c2c74e5aa3053cf62b61f8f8b25a3
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d
87b41be1e0f9458b66f092992db6e173b6b82078e7241ee5a253b1187d1e2d3e
8c3a13398d5cd8a092b9dd14f85dd3d9243bc21258e1270870d092b4b1669958
8ecb516b483a3838062c18be4c22b0aa56d0a1131a7fed8142dfc0fd8513dc5a
8f47862e0019bb76cd37f42031bb82995114d7d8b8798ec5641531c0d304fb18
906b654699eb8060d92aa2608813bf84093bc8f0cb893ae9a2e74c063e9d8d4c
92d40e02cb1a584e1e8db7158b68f5cf7ccdce32096440a88683908d0b19dd43
93a18a6cb226c952467acb3e73c04e2e976359feb1b53e04865c09137462ab9b
964cd5f31bbce941bc59b4d8224385aa8c6f374634c248567b087bb70b133db7
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
98d841642246ff955c080f3b23cf108ff2a02dfefbaf02c7a0118def7cfbe591
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72825f91dd3f11c154ebe42e0d9b6f2a8df7ec87c2ba60ccddfd9e889762639
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ac38e34dc6837cb77096f7682223f5cd526ddde20fede40af2545dc8d260b8b5
aeb5711b8bb49d3dd019234018423f8b90dac9731afae03d8aa6e9a4cea078f9
b0180518677a5d53946b6e67b63990720fcc8d2db8501e13dfb0180a2866b0a7
b07f68568484a32ffb33fd3074b04d05ee4746ba186223b63d1731dc7abff7b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e3e2fb9cf9e22ee2630d0e55e617a722e7dd668ce6edb98756875b44d605ed
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb433298ddb6fb0fa504c09e0294382deed3609255081e306870fdfe54d710d9
bb7364a4894086bd8e98faeac4d19a9ce559bae94b5242a69f1724f6e6b43bb6
c025889b1f06dee035186584acf014abcff928341d17b3f8fb772f4e0c8ef41c
c0cdab182f89b29ca910b4b900e5a7d17befc0752901c139577379b3098a35f5
c1ee345f7906ccf66934f3db4b44fb09139f44f8e31c4a83f874b06fe42ff549
c633b8b9749d6b389312c815a4a57fae1b7f3b52f35783cea8106e837e9d6100
ca48d4373191bd78f68f194f8abcced09c1a42c6b80d27b8f4237856bc7b834f
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0ce876436680a700941c7a3994d814430123af28cdd69e9bcf9b296be0b2c01
d2a2a0e82bf89d2a6a7cf045017204a24a7347bca04c2128977380a5b7f4aed1
d56b98b9442f625855f4fa5f857136393e3eaee0701f9c0da8071278ebbae069
dc2c83fecfa8ad6ffbe551e696534de452b1213a4600db6b7c06c84cdc0c3f58
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e28a4a4e74485236314af61d81d75ce87bc78039d7e0b1340c172a7e776846eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8664093d1c3bac70ca6fbdca4c043a14d05df31fe16f20ef04e5f8c5c9730
e4b3cc7e10449713dc9597031020383aa87d30d5c3d70190e9d0e9aac2075d94
e9adbe540c20b137e4298489255a392283b11c6e9eae91e0b5963599142e2a75
ee17c811b0c2eebacecf6c3e56d868341bf2abbd838d3d72e94505156c4b69fe
ef0ad4893846aaf8e500efc6ddf3b5d80b59858aafecbbc86d423930debab4a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ee876d40ac83b2377afc07d8007a4ce7110dd0fa3bdabc3b30568abdeb4443
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51b9e37727efdf06fcda2eee0d3042d8e91578ba41383a11bb199df8773ce4c
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f647a49a0bfde0fca5a0b2892028297d269df3c7d4f57cba5b437fe82abeb4b7
f9bf96c18ed2c575c0b601b8a44b4255931656b1781cff8f992f3a283c59649e
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffb712b40663d3c58f2ac3e2b2bfaaf1ce850b67bcbc58f175867d9856e74567

userealbutter.com Open in urlscan Pro 64.64.24.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

57 %HTTPS

0 %IPv6

27 Domains

39 Subdomains

24 IPs

7 Countries

14754 kBTransfer

16450 kBSize

27 Cookies

6 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userealbutter.com Open in urlscan Pro
64.64.24.127 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

57 %
HTTPS

0 %
IPv6

27
Domains

39
Subdomains

24
IPs

7
Countries

14754 kB
Transfer

16450 kB
Size

27
Cookies

164 HTTP transactions
5 data transactions