alllayedout.com Open in urlscan Pro
192.99.200.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://alllayedout.com/
Submission: On March 23 via manual (March 23rd 2022, 7:35:57 pm UTC) from PL — Scanned from CA

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 85 HTTP transactions. The main IP is 192.99.200.55, located in Canada and belongs to OVH, FR. The main domain is alllayedout.com.

This is the only time alllayedout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	192.99.200.55 192.99.200.55	16276 (OVH) (OVH)
10	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
85	15

26 192.99.200.55 (Canada)

ASN16276 (OVH, FR)
PTR: united.windservers.com

alllayedout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:816::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:80a::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2004 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	615 KB
26	alllayedout.com alllayedout.com	300 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	76 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	48 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 13075	914 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	649 B
85	10

	Domain	Requested by
26	alllayedout.com	alllayedout.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	alllayedout.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	alllayedout.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
85	14

This site contains links to these domains. Also see Links.

Domain
www.pimpmaspace.com
www.fanpal.com
www.worldnation.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://alllayedout.com/
Frame ID: BD12BB83B5D66AF90325C36D505F0E57
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=600&adk=2310048651&adf=4182599024&w=160&lmt=1648064152&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0066CC&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152542&bpp=21&bdt=127&idt=179&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&correlator=933062968674&frm=20&pv=2&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=60&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=V8g3lsymyV&p=http%3A//alllayedout.com&dtd=198
Frame ID: B9A16F32FF3C2EF913151546080280CA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=150&adk=2184839780&adf=2031664413&w=180&lmt=1648064152&ad_type=text_image&format=180x150_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=179F17&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152567&bpp=11&bdt=152&idt=182&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=809&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mdMy0heqs8&p=http%3A//alllayedout.com&dtd=185
Frame ID: 75B92C93814EED9871D7D293BABD405F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html
Frame ID: 67EEF7AB6D705D5A6A55610A59B72C75
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 11977A13E75EBD0BBDABED246F4EDEAB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9DC6205510D2C7179E933818C4EE9800
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Frame ID: 66F0A12F1600E6C3EE1A426AFEAC8559
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 7D49DCF2BB8584FCCFF4346D4543A3F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&adk=1812271804&adf=3025194257&lmt=1648064154&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Falllayedout.com%2F&ea=0&pra=7&wgl=1&dt=1648064154022&bpp=1&bdt=1606&idt=1&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db06a8c9c692f97c5-22099382f8d10025%3AT%3D1648064152%3ART%3D1648064152%3AS%3DALNI_MZ17Y9DOCGfkBOQ3VqTGmlWygcHNA&prev_fmts=160x600_as%2C180x150_as&nras=1&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&psts=AGkb-H-zlVCWLUpS_auRxaXClSn-UyrRFABteN-XOl_DQfELh3afLsnX3I0XCbE2GIaAu0TAC4Rruwhy2ae-_i4%2CAGkb-H88ox_1JtREulavYsRcQRlhHBoUQYx1vGhHdFKfpHctyDP95SKgeA5-YdXm9RPU40s2t1LdOL7wt-jwRhkE&pvsid=3611294796574428&pem=620&tmod=1068576747&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=24
Frame ID: E9EE19DC84A2A8E0CB2A2F5653F331BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 787D2B4AB29F32C709364F4C6BA690F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C48A22A673A1FF20D040F8197A1A721
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook, Twitter & Google+ Backgrounds, Comments, Images, Pics, Covers & More! | AllLayedOut.com

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

85
Requests

65 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

15
IPs

2
Countries

1136 kB
Transfer

2148 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.pimpmaspace.com/
Title: Cute Layouts

Search URL Search Domain Scan URL

URL: http://www.fanpal.com/celebrities/letterX
Title: Write to Celebs

Search URL Search Domain Scan URL

URL: http://www.worldnation.org/
Title: World Nation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 28

http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
https://www.google-analytics.com/plugins/ua/linkid.js

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Comments%2C%20Images%2C%20Pics%2C%20Covers%20%26%20More!%20%7C%20AllLayedOut.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAj~&jid=1491954893&gjid=1103688739&cid=508702639.1648064153&tid=UA-1607622-4&_gid=984688819.1648064153&z=48599363 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Comments%2C%20Images%2C%20Pics%2C%20Covers%20%26%20More!%20%7C%20AllLayedOut.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAj~&jid=1491954893&gjid=1103688739&cid=508702639.1648064153&tid=UA-1607622-4&_gid=984688819.1648064153&z=48599363

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

85 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
alllayedout.com/ 32 KB
32 KB 5867ms
5715ms Document
text/html 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: c1fe0d92f0584a501dc9cf7bcc685dc2ec56725bae26f5d788b760d3dac30651

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Wed, 23 Mar 2022 19:35:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK standard.css
alllayedout.com/css/ 18 KB
18 KB 12ms
11ms Stylesheet
text/css 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/css/standard.css
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: efe7efd6edba5809be4f90a68b8980f253e5ceb31d733ca925666d212649436f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 25 Sep 2020 01:58:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18052

GET
H/1.1 200
OK standard.js Show response
alllayedout.com/javascript/ 6 KB
6 KB 22ms
9ms Script
application/javascript 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/javascript/standard.js
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: f3785bcfce475e623e8468b93f71d59bc67d840aa4558a88784ebd5426f4eef0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sat, 01 Jun 2013 04:26:18 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5721

GET
H/1.1 200
OK browser.js Show response
alllayedout.com/javascript/ 686 B
941 B 22ms
10ms Script
application/javascript 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/javascript/browser.js
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: df8c7021864ca15d44048d116c19c973c71959e9b0382d3566276440b3aa65fd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Feb 2014 18:43:44 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 686

GET
H/1.1 200
OK livesearch.js Show response
alllayedout.com/javascript/ 3 KB
4 KB 22ms
10ms Script
application/javascript 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/javascript/livesearch.js
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: bcf001785d4c80bdf2dc4722f58a4503a835e54de0116136248e2c9dd5ae9e31

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 25 Sep 2020 01:14:06 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3471

GET
H/1.1 200
OK swfobject.js Show response
alllayedout.com/javascript/gadgets/ 9 KB
9 KB 22ms
10ms Script
application/javascript 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/javascript/gadgets/swfobject.js
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: f7827bc010cbf599d556469f0e6127e68aaef95157cb892571384599cac9c714

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Wed, 12 Sep 2012 22:29:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9321

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 114 KB
40 KB 65ms
44ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: alllayedout.com
URL: http://alllayedout.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96478de7e350387814e15616b41f80d4d5cc1de25a5564225a8f29bb88a93da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 23 Mar 2022 19:35:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7470081639788203631
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40068
X-XSS-Protection: 0
Expires: Wed, 23 Mar 2022 19:35:52 GMT

GET
H/1.1 200
OK Guinness_St_Patricks_Day.jpg
alllayedout.com/Backgrounds/_thumbs/ 4 KB
4 KB 10ms
9ms Image
image/jpeg 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Backgrounds/_thumbs/Guinness_St_Patricks_Day.jpg
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 952bbc28fb0487998c7fde22d403c0b4834620334aee89ad0ec5278a8d932cfb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Tue, 11 Sep 2012 02:47:36 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3849

GET
H/1.1 200
OK Happy_St_Patricks_Day_02.gif
alllayedout.com/Comments/ 22 KB
23 KB 10ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_St_Patricks_Day_02.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 82bf2c4ec45619d27e0900deeb77dbc6b06590db496ac29627b173d58844096c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23003

GET
H/1.1 200
OK Happy_St_Patricks_Day.gif
alllayedout.com/Comments/ 19 KB
20 KB 10ms
9ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_St_Patricks_Day.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 892b14745bd7689b9c0ee595fa81adfb98af835b3813e4198e58ef68cec428b5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19787

GET
H/1.1 200
OK Kiss_Me_Im_Irish.gif
alllayedout.com/Comments/ 17 KB
17 KB 10ms
9ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Kiss_Me_Im_Irish.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: c6fc92b89356427e39f9f964bbab241210d45be8fb3388c042e9ae5efd1f07a4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17524

GET
H/1.1 200
OK Happy_St_Pattys_Day_02.gif
alllayedout.com/Comments/ 19 KB
19 KB 11ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_St_Pattys_Day_02.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 6b66610370c10f09977c1d0015e43dea834b35dcdc6b449f647de9aca2183fb7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19618

GET
H/1.1 200
OK Happy_Shamrock_02.gif
alllayedout.com/Comments/ 9 KB
9 KB 11ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_Shamrock_02.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 77336ffc5959b854cf09d7df33208a1c1707a35bb686a73737121f0f9d2e1abf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8975

GET
H/1.1 200
OK Happy_Saint_Paddys.gif
alllayedout.com/Comments/ 33 KB
33 KB 21ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_Saint_Paddys.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 60a896dfa72015a22bf3fea6da29b70761072498ab0adf28e2ae4a71f7829f92

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33614

GET
H/1.1 200
OK Happy_Shamrock.gif
alllayedout.com/Comments/ 5 KB
5 KB 10ms
9ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_Shamrock.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 14146ba5c9f3f90d685f9ec2bdece2ddca72c26087230f441169a294817a483a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5163

GET
H/1.1 200
OK Happy_St_Patricks_Day_03.gif
alllayedout.com/Comments/ 17 KB
17 KB 11ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_St_Patricks_Day_03.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: ebb5493457eee534d43b57ab14b03213da2dd471050f090a65d87367227addaa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17638

GET
H/1.1 200
OK Happy_St_Paddys.gif
alllayedout.com/Comments/ 47 KB
47 KB 10ms
10ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Comments/Happy_St_Paddys.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: ef8ec3387c3d9d93233fb86685e4205eef281af3582407ab82d854cbcfbbcd52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 47669

GET
H/1.1 200
OK Background_56.jpg
alllayedout.com/Images/ 3 KB
4 KB 12ms
11ms Image
image/jpeg 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Images/Background_56.jpg
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 81b0b74da1555eb1ecb10aad764ccaa7cebfda05a198b0986427d7306d58e287

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:03 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3449

GET
H/1.1 200
OK Background_55.gif
alllayedout.com/Images/ 4 KB
5 KB 12ms
11ms Image
image/gif 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/Images/Background_55.gif
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 8d3f29dc44d11661d57c9639a089ff0e5dc183b8ce313550a9a94dbc479209e2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 09 Sep 2012 00:27:03 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4378

GET
H/1.1 200
OK standard_CR.css
alllayedout.com/css/ 248 B
488 B 10ms
9ms Stylesheet
text/css 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://alllayedout.com/css/standard_CR.css
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/javascript/browser.js
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: fff117e22fa2ab2f200afdd4384eda318ae4b84ad6a2642ad979a7c05079d4d7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Thu, 21 Feb 2013 17:32:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 248

GET
H/1.1 200
OK fade_80_dark.png
alllayedout.com/_images/ 3 KB
3 KB 12ms
10ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/fade_80_dark.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 69d42dc9854c84e1f046c897028077c2e3bdb3968c74e1ec0ad06e4eb58ccf35

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sun, 16 Sep 2012 00:51:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2846

GET
H/1.1 200
OK logo.png
alllayedout.com/_images/ 4 KB
5 KB 14ms
10ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/logo.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: df53dab8561633822f40e9a138c925c89325c12e97bcd288e46c6d815b754289

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 07 Sep 2012 01:52:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4570

GET
H/1.1 200
OK transparent.png
alllayedout.com/_images/ 3 KB
3 KB 14ms
11ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/transparent.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: b66ac574cf78b14f26a9b77904eac68fc513abfacc69802f31ea30c20d04e769

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 21 Sep 2012 00:03:24 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2808

GET
H/1.1 200
OK shadow.png
alllayedout.com/_images/ 5 KB
5 KB 14ms
11ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/shadow.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 0d6e6db0a5e57e2ede77f4bc78914e91379cae9e0e681609d05e9a31cbf51581

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Sat, 22 Sep 2012 19:26:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4760

GET
H/1.1 200
OK search.png
alllayedout.com/_images/ 4 KB
4 KB 25ms
9ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/search.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: 44b2f7a88ce04fb558032443db23b982125cbbd177295519f3dfa70318abc2b3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 07 Sep 2012 01:10:49 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4179

GET
H/1.1 200
OK empty_check.png
alllayedout.com/_images/ 3 KB
3 KB 16ms
9ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/empty_check.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: c20ef38e33569daee913ba6a1e52f91b02b06a4ce8a1e44bf4589ecdf6a6ebf2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Thu, 06 Sep 2012 20:35:09 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3322

GET
H/1.1 200
OK fade_60.png
alllayedout.com/_images/ 3 KB
3 KB 16ms
10ms Image
image/png 192.99.200.55
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alllayedout.com/_images/fade_60.png
Requested by: Host: alllayedout.com
URL: http://alllayedout.com/css/standard.css
Protocol: HTTP/1.1
Server: 192.99.200.55 , Canada, ASN16276 (OVH, FR),
Reverse DNS: united.windservers.com
Software: Apache /
Resource Hash: dc32e3824af50a6e96c20456a9d625c76a6eba88ed656254a7accbe88b9ad0aa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/css/standard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 19:35:52 GMT
Last-Modified: Fri, 14 Sep 2012 23:22:57 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2845

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 297 KB
108 KB 97ms
52ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9beb13437dc648a0dfa1f7debe81129f5aaf69e62a5d7266f3c083a735566e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109604
x-xss-protection: 0
server: cafe
etag: 12389189776165236373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 19:35:52 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

65ms
19ms

Script
text/javascript

2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: alllayedout.com
URL: http://alllayedout.com/

Protocol

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3116
date: Wed, 23 Mar 2022 18:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 20:43:56 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
1 KB

20ms
19ms

Script
text/javascript

2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: alllayedout.com
URL: http://alllayedout.com/

Protocol

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 23 Mar 2022 20:25:29 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 83ms
32ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1607622-4&cid=508702639.1648064153&jid=1491954893&gjid=1103688739&_gid=984688819.1648064153&_u=KGBAgAAjAAAAAE~&z=1727112959

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://alllayedout.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Mar 2022 19:35:52 GMT
content-type: text/plain
access-control-allow-origin: http://alllayedout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Com...
https://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Co...

35 B
55 B

20ms
20ms

Image
image/gif

2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Comments%2C%20Images%2C%20Pics%2C%20Covers%20%26%20More!%20%7C%20AllLayedOut.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAj~&jid=1491954893&gjid=1103688739&cid=508702639.1648064153&tid=UA-1607622-4&_gid=984688819.1648064153&z=48599363

Requested by

Host: alllayedout.com
URL: http://alllayedout.com/

Protocol

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 08:08:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=149352024&t=pageview&_s=1&dl=http%3A%2F%2Falllayedout.com%2F&ul=en-us&de=UTF-8&dt=Facebook%2C%20Twitter%20%26%20Google%2B%20Backgrounds%2C%20Comments%2C%20Images%2C%20Pics%2C%20Covers%20%26%20More!%20%7C%20AllLayedOut.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAj~&jid=1491954893&gjid=1103688739&cid=508702639.1648064153&tid=UA-1607622-4&_gid=984688819.1648064153&z=48599363
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
649 B 84ms
35ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=alllayedout.com&callback=_gfp_s_&client=ca-pub-0772180759883513

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

198359232eeed16d5c97260349615cab36303e827ea31ccf46bb74166883db0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 84ms
38ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=alllayedout.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 19:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 87ms
40ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=alllayedout.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 19:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9A1 104 KB
39 KB 643ms
596ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=600&adk=2310048651&adf=4182599024&w=160&lmt=1648064152&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0066CC&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152542&bpp=21&bdt=127&idt=179&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&correlator=933062968674&frm=20&pv=2&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=60&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=V8g3lsymyV&p=http%3A//alllayedout.com&dtd=198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffea1239e81d0df2e59eddc310d8184d2e7059e2958914141b6ae7e921d207fd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6XlbP93PYCFcNicgodt2MPmA&gqi=mHY7YrOoMZOToPMPr-GryAM&layout=/sadbundle/%24csp%253Der3%24/11936876603315451362/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6XlbP93PYCFcNicgodt2MPmA&gqi=mHY7YrOoMZOToPMPr-GryAM&layout=/sadbundle/%24csp%253Der3%24/11936876603315451362/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 39011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 19:35:53 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75B9 83 KB
32 KB 611ms
574ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=150&adk=2184839780&adf=2031664413&w=180&lmt=1648064152&ad_type=text_image&format=180x150_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=179F17&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152567&bpp=11&bdt=152&idt=182&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=809&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mdMy0heqs8&p=http%3A//alllayedout.com&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd6e92fcbdf7e66b501ee83f2c83ad0909c6241ec598c94fb1951ee1d17e30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 31676
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 19:35:53 GMT
cache-control: private

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 75B9 9 KB
4 KB 73ms
23ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=150&adk=2184839780&adf=2031664413&w=180&lmt=1648064152&ad_type=text_image&format=180x150_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=179F17&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152567&bpp=11&bdt=152&idt=182&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=809&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mdMy0heqs8&p=http%3A//alllayedout.com&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 03:07:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 03:14:35 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 75B9 8 KB
4 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 03:07:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 04:14:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 75B9 8 KB
1 KB 85ms
37ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 19:31:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 19:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 75B9 2 KB
904 B 50ms
21ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:32:26 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 75B9 19 KB
8 KB 72ms
20ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:33:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 75B9 2 KB
1 KB 48ms
20ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:32:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75B9 118 KB
36 KB 91ms
40ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36708
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647862282720048"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 75B9 15 KB
6 KB 72ms
21ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:34:22 GMT

GET
H3 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame 75B9 28 KB
12 KB 45ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 00:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Jun 2022 00:26:01 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/ Frame 67EE 16 KB
5 KB 51ms
36ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=600&adk=2310048651&adf=4182599024&w=160&lmt=1648064152&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0066CC&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152542&bpp=21&bdt=127&idt=179&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&correlator=933062968674&frm=20&pv=2&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=60&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=V8g3lsymyV&p=http%3A//alllayedout.com&dtd=198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ae54fe32613e6c90c9347fb9dcb86d2758089875c337033c0e6a8218a253f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3995
date: Mon, 21 Mar 2022 20:08:38 GMT
expires: Tue, 21 Mar 2023 20:08:38 GMT
cache-control: public, max-age=31536000
age: 170835
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B9A1 0
0 71ms
43ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBTDxmHY7Ys7rMcPFyQO3x73ACaPhpPNoqJ7IsqcP29keEAEgzsmzA2D96KKB8AOgAabzwZkCyAEJqQK4i1a3BrmqPqgDAcgDSKoEwQFP0IObVgZqq-2WPKHgs12KTx7_w4h5b_4TtO7h4YY-jOAXb36bEvF1PCXIGwJOU2j3mrrXPHs4GbJHbOUITwqM1-4c68ANtmm_RUxtwjKr0zQm4EaXlQbj_8KMXstMhA2RLkZixTittf3kkZX8g3huGIYFzVF3x0vSHsqEC9irGgN5DGN6k5mwf1Nf6mfDAGvKbwuWS64KdKTikCu-i52hijA_hj5LmPRKxdm4-nbkaA4zlReHcWB6fsjbCKNjmV74wATJnvyggQSSBQQIBBgBkgUECAUYBKAGLoAHwoy-5gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDN8aYB0ggHCIBhEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0wNzcyMTgwNzU5ODgzNTEzGAA&sigh=0g-kgdUqQ5g&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=600&adk=2310048651&adf=4182599024&w=160&lmt=1648064152&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0066CC&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152542&bpp=21&bdt=127&idt=179&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&correlator=933062968674&frm=20&pv=2&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=60&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=V8g3lsymyV&p=http%3A//alllayedout.com&dtd=198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Mar 2022 19:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame B9A1 19 KB
8 KB 37ms
24ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:33:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 75B9 0
0 43ms
43ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Col5vmHY7YpGIMpWFrr4P5vCSqAGnwOv5aJ3q0IHNDuiAuf_TDhABIM7JswNg_eiigfADoAG-sZq_A8gBAagDAcgDywSqBMcBT9AQ8OXbIjHNZJkSm4mMvnhikMcx6tpWZHK2GWfTO_if-ThTHB5yG0BuaHgRqh-qNRi4eP0gwxdFtIH5ZE-b4erYXBvNqZMdUtRXW9D35L3BirO9CgauVpTQF39x7-CxlZrtQ2c5NbnfNi5H0-OsHlQJsLJY0fHmeIA9jAtha-pCg88rQCqmRKouAuQkBue7X9MPAgPDBX3TKfDK6P2hHniiWtAJJlfP9TNwKuP4bEJ34hOaue2uSmlt6bD0LROrS0I7omhcwcAEjfK469wDkgUECAQYAZIFBAgFGASAB6rO5UCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCg3wrSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTA3NzIxODA3NTk4ODM1MTMYAA&sigh=yiS8v_kSBNM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=150&adk=2184839780&adf=2031664413&w=180&lmt=1648064152&ad_type=text_image&format=180x150_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=179F17&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152567&bpp=11&bdt=152&idt=182&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=809&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mdMy0heqs8&p=http%3A//alllayedout.com&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Mar 2022 19:35:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1197 143 B
163 B 20ms
19ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=150&adk=2184839780&adf=2031664413&w=180&lmt=1648064152&ad_type=text_image&format=180x150_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=179F17&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152567&bpp=11&bdt=152&idt=182&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x600_as&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=809&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mdMy0heqs8&p=http%3A//alllayedout.com&dtd=185

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 23 Mar 2022 18:54:55 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 67EE 9 KB
3 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 05:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 24 Mar 2022 05:04:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67EE 26 KB
10 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Mar 2022 22:27:06 GMT

GET
H3 200 776ba4358c10e1c3ddde28fffe9c08b0.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/ Frame 67EE 83 KB
21 KB 26ms
26ms Script
application/x-javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/776ba4358c10e1c3ddde28fffe9c08b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5da698b9e8dcec1081e28a1916d03ce175be442e31bf68369986906635bb8b55

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21414
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9DC6 143 B
163 B 21ms
19ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&h=600&adk=2310048651&adf=4182599024&w=160&lmt=1648064152&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0066CC&color_text=666666&color_url=666666&url=http%3A%2F%2Falllayedout.com%2F&wgl=1&dt=1648064152542&bpp=21&bdt=127&idt=179&shv=r20220317&mjsv=m202203170101&ptt=5&saldr=sa&abxe=1&correlator=933062968674&frm=20&pv=2&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=60&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&pvsid=3611294796574428&pem=620&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=V8g3lsymyV&p=http%3A//alllayedout.com&dtd=198

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 23 Mar 2022 18:54:55 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame B9A1 2 KB
1 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:32:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9A1 118 KB
36 KB 68ms
41ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36708
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647862282720048"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
DATA 200
OK truncated
/ Frame 75B9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e968bec88dc0e16dfd306145afa11695cddad9cdd8438ff92dfc49c0dc16233f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 75B9 28 KB
28 KB 67ms
21ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:46:07 GMT
x-content-type-options: nosniff
age: 74986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:46:07 GMT

GET
H3 200 apercu_pro_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/fonts/ Frame 67EE 144 KB
67 KB 49ms
21ms Font
font/ttf 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/fonts/apercu_pro_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/776ba4358c10e1c3ddde28fffe9c08b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

decb19f3ed4f81412c4ae39faa975f73c19a0bd6adc5b8aaefed6ece6ee78967

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69036
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 844fe5e099dbfcd8ee077cec4912ff04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/ Frame 67EE 87 KB
87 KB 22ms
21ms Image
image/png 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/844fe5e099dbfcd8ee077cec4912ff04.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4e5038ae914866808d29fe4befe45bb3ab8526a0ca8f6884a9ddbb5e357c04

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89426
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 919fa4dbb259dbe90dfcf0f3d4552f87.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/ Frame 67EE 5 KB
2 KB 20ms
20ms Image
image/svg+xml 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/919fa4dbb259dbe90dfcf0f3d4552f87.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee3b4d243c48739aebf0c58fef13c48b0e2c0c0574c9618806f84051446de724

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1818
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1197
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

44ms
43ms

Document
text/html

2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 19:35:53 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame B9A1 15 KB
6 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 19:34:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9DC6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

54ms
54ms

Document
text/html

2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 19:35:53 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Mar 2022 19:35:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B9A1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca3323f8f4f9b2cecee5fbcb42af8c5df00af51dc3682f468c1af7a9a78432a5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/919fa4dbb259dbe90dfcf0f3d4552f87.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/776ba4358c10e1c3ddde28fffe9c08b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee3b4d243c48739aebf0c58fef13c48b0e2c0c0574c9618806f84051446de724

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1818
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 67EE 2 KB
537 B 61ms
34ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/776ba4358c10e1c3ddde28fffe9c08b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2973257313b8a6815336e3c045ab9814ece44936d58bf637175cd7047cfc9406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:52:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 19:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H3 200 844fe5e099dbfcd8ee077cec4912ff04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/ Frame 67EE 87 KB
87 KB 20ms
20ms Image
image/png 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/844fe5e099dbfcd8ee077cec4912ff04.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4e5038ae914866808d29fe4befe45bb3ab8526a0ca8f6884a9ddbb5e357c04

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89426
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 c66bce625524070fba65be827b420e13.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/ Frame 67EE 23 KB
23 KB 24ms
23ms Image
image/jpeg 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/c66bce625524070fba65be827b420e13.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

764276bcfa400e79a3fd1b2fbc9bfa8a75b0fa7e6791488472c112790a746b4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23877
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 a83e96d1f16a2a2872a8d8028d09b953.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/ Frame 67EE 11 KB
11 KB 26ms
25ms Image
image/png 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11936876603315451362/media/a83e96d1f16a2a2872a8d8028d09b953.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a21d6ccfeb2937b09662b02cd6f6ac2b16a97c9c5185ff75a879982f6f840f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 169971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11428
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:04:51 GMT
server: sffe
date: Mon, 21 Mar 2022 20:23:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 20:23:02 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 67EE 36 KB
14 KB 45ms
19ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 21:49:43 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 66F0 36 KB
14 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 21:49:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

922f646653312d87833841bf3bd79361575343857d99d3b16f75d675128c831b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54762
x-xss-protection: 0
server: cafe
etag: 9303725637593515807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 19:35:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 69ms
41ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbfe22406afc53c85d7b0760a5dc8c18f2f12afb893ad7f0ee1d67800f582128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 19:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10419
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 19:35:54 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 7D49 10 KB
4 KB 20ms
19ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Mar 2022 22:57:53 GMT
expires: Tue, 05 Apr 2022 22:57:53 GMT
cache-control: public, max-age=1209600
age: 74281
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 61ms
35ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=alllayedout.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 19:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 65ms
38ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=alllayedout.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 19:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9EE 0
16 B 106ms
105ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0772180759883513&output=html&adk=1812271804&adf=3025194257&lmt=1648064154&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Falllayedout.com%2F&ea=0&pra=7&wgl=1&dt=1648064154022&bpp=1&bdt=1606&idt=1&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db06a8c9c692f97c5-22099382f8d10025%3AT%3D1648064152%3ART%3D1648064152%3AS%3DALNI_MZ17Y9DOCGfkBOQ3VqTGmlWygcHNA&prev_fmts=160x600_as%2C180x150_as&nras=1&correlator=933062968674&frm=20&pv=1&ga_vid=508702639.1648064153&ga_sid=1648064153&ga_hid=149352024&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065735%2C31065741%2C31063247&oid=2&psts=AGkb-H-zlVCWLUpS_auRxaXClSn-UyrRFABteN-XOl_DQfELh3afLsnX3I0XCbE2GIaAu0TAC4Rruwhy2ae-_i4%2CAGkb-H88ox_1JtREulavYsRcQRlhHBoUQYx1vGhHdFKfpHctyDP95SKgeA5-YdXm9RPU40s2t1LdOL7wt-jwRhkE&pvsid=3611294796574428&pem=620&tmod=1068576747&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_fy2019.js?bust=31065735

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Mar 2022 19:35:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 787D 13 KB
5 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Mar 2022 00:26:15 GMT
expires: Thu, 23 Mar 2023 00:26:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 68979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C48 783 B
536 B 68ms
39ms Document
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ef540e3ca58bdb23464b367c6c8ff15aefa5f3610d09a43f305982c533bc82a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SqwYa+XALgkhbW4xPC/KxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Mar 2022 19:35:54 GMT
date: Wed, 23 Mar 2022 19:35:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SqwYa+XALgkhbW4xPC/KxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 787D 36 KB
14 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 21:49:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C48 0
0 43ms
43ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=3611294796574428&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 787D 0
9 B 20ms
20ms Image
text/plain 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gBG6wg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:35:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9A1 42 B
64 B 41ms
40ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5FUiMvvcF1yXZ4UJsYy6ZIfhs5eNpNc-3UQiQCrYt-MsT8COdqYhQ_bzeIlVmhNkQ4SJyIGYE15WcaxhK2nXnbtU_kXSlYrxptin5fhx3bX0zUDk&sai=AMfl-YTer3hqnXNpq0sPAj_Df0_nBI21biinikhaP3ffhv53IKzwWjF1k_7xm8OyJ9rZ4Ofp3n1L3lrMBPr7&sig=Cg0ArKJSzB7c6E7z9amqEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2310048651&rs=2&la=0&cr=0&vs=4&r=v&rst=1648064152743&rpt=881&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 19:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=3611294796574428&bg=!8fKl8rbNAAba2mK92to7ACkAdvg8WhOzxqe8hzm4tor0Z0yy_2AXUif4q_iUmgCDhA11a6Gyqk3BNAIAAABvUgAAAANoAQcKAKtp4Wu6AFPAHcm08kR4ETAzUfkdxMIz2xHs2Rutbklv0v29-jr-Z1GycCdnrJYTnXFizc55C20fNgrQ7XQbOvfo3zze3KmNUe78d8PbLKbtIDAgrL1S4-CTw3-N8l1plHp9dqzsG1QjJIUcj-iYaOXhiJBY0NDU8SSBt6tjBKQWvSsTHtbPh7gXoBhWRjAnrb2M2w9_sVXHOXUdVa2wAhqEL7crSWTS-MMMBTWZAsbBQIYKO02upbNaXjRH2Dz72kAUfMZY6b0VttMiQi-Wyth-1ewMM9PMQO5-7yd390IoaNzbX6VAMHE-iWSNrmL5Pd_W_pn3rk3O27uRhFocLlZ3b2fxViGGHLnZRwo9GV75y78Co5nCsiJ4p8xLIXPcuQDudnZe46vDE1B9E2C2xLO42y0I6OyM4cAXKIqtNJVg0S8LJbab8DY6UxGTDJFDpp7t2aSVfqvPS-LDiJzNoA_ix6E3wRpjRNFJ0his6foQGXe6wmGFqJXEBQojZLBSFXhb_I5iUG2hgxFhi48feDhODQNl6ADw5QtwkjCLl0JAuwfwjC4qnnBqOtWmgHrmbVLtVsCHZca7VSH5CH5ZeUt16dIuQgYjO7SF8owcRT9iYeMiixNPTBLWeLTMR2LOkow4jQyzjz7TFnW2-GGaNk2Ii3IGNt3ZfwUF1Fol1E5xL755TsHZeCEOL8WOr7-LA4eju5EGVD9WaWaSpemdlFkTtvcrDJj7STyymE4G4hjxApHs11n6YCLMlkBF8ktyIKebcC32j5AoKcWPOc2WDfQwoONy_QRuEy5mwc1RWSWkdQipO4RDmCskforFCqvCVbt-6Ygocik2QA1KM24Ehrb3eQuC-9xTI6Qt0JFbDed1dlpsGdMOo8K2y-FvMKa1zSgPzvrlHAWWApbRMIZiWT16DZXprm5htPwQMl6rFb7Ew6ce5-l28cuycJyNcnLm8Oz5uek_VkKCmm0scbJJFXkMj_w_sssyVZc3mJLzDEF7XeLUFA60t6oxzT28cpobX32RDFuQefyBfK5KXV7xficJWesPh7zl2hv6OnbiMopGh8JJ3h2tucFJiFeJhmoXKM_D9ZYFiGSvXXxN3oRlluzm3gJtqILYNufec9-ZSwUUcOTmn3HZ4dldVBfqzmW-5EPV_jbGszqpvXFOi5F1PDQFKk7yFQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://alllayedout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 19:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
alllayedout.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2fa9b6dd97f9af6030ab39af98cde64a
.alllayedout.com/	1970-01-20 19:18:56	Name: _ga Value: GA1.2.508702639.1648064153
.alllayedout.com/	1970-01-20 01:49:10	Name: _gid Value: GA1.2.984688819.1648064153
.alllayedout.com/	1970-01-20 01:47:44	Name: _gat Value: 1
.alllayedout.com/	1970-01-20 11:09:20	Name: __gads Value: ID=b06a8c9c692f97c5-22099382f8d10025:T=1648064152:RT=1648064152:S=ALNI_MZ17Y9DOCGfkBOQ3VqTGmlWygcHNA
.doubleclick.net/	1970-01-20 19:18:56	Name: IDE Value: AHWqTUmlNAn2kHaMFZeSnvjaAuUcUPpbBGXIWisZj3geyyQcvGSbkaMNaifn6bz6Bk4
.doubleclick.net/	1970-01-20 01:47:47	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
alllayedout.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.80.2
192.99.200.55
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200e
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d6e6db0a5e57e2ede77f4bc78914e91379cae9e0e681609d05e9a31cbf51581
14146ba5c9f3f90d685f9ec2bdece2ddca72c26087230f441169a294817a483a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
198359232eeed16d5c97260349615cab36303e827ea31ccf46bb74166883db0d
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
2973257313b8a6815336e3c045ab9814ece44936d58bf637175cd7047cfc9406
44b2f7a88ce04fb558032443db23b982125cbbd177295519f3dfa70318abc2b3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
5da698b9e8dcec1081e28a1916d03ce175be442e31bf68369986906635bb8b55
5ef540e3ca58bdb23464b367c6c8ff15aefa5f3610d09a43f305982c533bc82a
60a896dfa72015a22bf3fea6da29b70761072498ab0adf28e2ae4a71f7829f92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69d42dc9854c84e1f046c897028077c2e3bdb3968c74e1ec0ad06e4eb58ccf35
6b66610370c10f09977c1d0015e43dea834b35dcdc6b449f647de9aca2183fb7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
764276bcfa400e79a3fd1b2fbc9bfa8a75b0fa7e6791488472c112790a746b4e
77336ffc5959b854cf09d7df33208a1c1707a35bb686a73737121f0f9d2e1abf
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
81b0b74da1555eb1ecb10aad764ccaa7cebfda05a198b0986427d7306d58e287
82bf2c4ec45619d27e0900deeb77dbc6b06590db496ac29627b173d58844096c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
892b14745bd7689b9c0ee595fa81adfb98af835b3813e4198e58ef68cec428b5
8d3ae54fe32613e6c90c9347fb9dcb86d2758089875c337033c0e6a8218a253f
8d3f29dc44d11661d57c9639a089ff0e5dc183b8ce313550a9a94dbc479209e2
922f646653312d87833841bf3bd79361575343857d99d3b16f75d675128c831b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
952bbc28fb0487998c7fde22d403c0b4834620334aee89ad0ec5278a8d932cfb
96478de7e350387814e15616b41f80d4d5cc1de25a5564225a8f29bb88a93da5
9a21d6ccfeb2937b09662b02cd6f6ac2b16a97c9c5185ff75a879982f6f840f1
9beb13437dc648a0dfa1f7debe81129f5aaf69e62a5d7266f3c083a735566e37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
ae4e5038ae914866808d29fe4befe45bb3ab8526a0ca8f6884a9ddbb5e357c04
b66ac574cf78b14f26a9b77904eac68fc513abfacc69802f31ea30c20d04e769
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bbfe22406afc53c85d7b0760a5dc8c18f2f12afb893ad7f0ee1d67800f582128
bcf001785d4c80bdf2dc4722f58a4503a835e54de0116136248e2c9dd5ae9e31
c1fe0d92f0584a501dc9cf7bcc685dc2ec56725bae26f5d788b760d3dac30651
c20ef38e33569daee913ba6a1e52f91b02b06a4ce8a1e44bf4589ecdf6a6ebf2
c6fc92b89356427e39f9f964bbab241210d45be8fb3388c042e9ae5efd1f07a4
ca3323f8f4f9b2cecee5fbcb42af8c5df00af51dc3682f468c1af7a9a78432a5
cdd6e92fcbdf7e66b501ee83f2c83ad0909c6241ec598c94fb1951ee1d17e30c
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dc32e3824af50a6e96c20456a9d625c76a6eba88ed656254a7accbe88b9ad0aa
decb19f3ed4f81412c4ae39faa975f73c19a0bd6adc5b8aaefed6ece6ee78967
df53dab8561633822f40e9a138c925c89325c12e97bcd288e46c6d815b754289
df8c7021864ca15d44048d116c19c973c71959e9b0382d3566276440b3aa65fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e968bec88dc0e16dfd306145afa11695cddad9cdd8438ff92dfc49c0dc16233f
ebb5493457eee534d43b57ab14b03213da2dd471050f090a65d87367227addaa
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ee3b4d243c48739aebf0c58fef13c48b0e2c0c0574c9618806f84051446de724
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ec3387c3d9d93233fb86685e4205eef281af3582407ab82d854cbcfbbcd52
efe7efd6edba5809be4f90a68b8980f253e5ceb31d733ca925666d212649436f
f3785bcfce475e623e8468b93f71d59bc67d840aa4558a88784ebd5426f4eef0
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
f7827bc010cbf599d556469f0e6127e68aaef95157cb892571384599cac9c714
ffea1239e81d0df2e59eddc310d8184d2e7059e2958914141b6ae7e921d207fd
fff117e22fa2ab2f200afdd4384eda318ae4b84ad6a2642ad979a7c05079d4d7

alllayedout.com Open in urlscan Pro 192.99.200.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

65 %HTTPS

86 %IPv6

10 Domains

14 Subdomains

15 IPs

2 Countries

1136 kBTransfer

2148 kBSize

7 Cookies

3 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

alllayedout.com Open in urlscan Pro
192.99.200.55 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

65 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

15
IPs

2
Countries

1136 kB
Transfer

2148 kB
Size

7
Cookies

85 HTTP transactions
2 data transactions