rustygriswold.ca Open in urlscan Pro
104.18.153.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustygriswold.ca/
Submission Tags: phishingrod
Submission: On November 08 via api (November 8th 2023, 1:21:24 pm UTC) from DE — Scanned from CA

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 61 HTTP transactions. The main IP is 104.18.153.16, located in and belongs to CLOUDFLARENET, US. The main domain is rustygriswold.ca.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.

This is the only time rustygriswold.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.18.153.16 104.18.153.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
12	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
4	142.251.179.113 142.251.179.113	15169 (GOOGLE) (GOOGLE)
1	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
1	142.251.179.154 142.251.179.154	15169 (GOOGLE) (GOOGLE)
16	172.253.115.113 172.253.115.113	() ()
5	172.253.122.132 172.253.122.132	() ()
1	142.251.111.155 142.251.111.155	() ()
2	34.149.135.28 34.149.135.28	() ()
2	172.67.74.191 172.67.74.191	() ()
1	142.251.163.106 142.251.163.106	() ()
61	13

14 104.18.153.16 (None, )

ASN13335 (CLOUDFLARENET, US)

rustygriswold.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.179.113 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.154 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.253.115.113 (None, )

ASN- ()

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.122.132 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.155 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.135.28 (None, )

ASN- ()

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.191 (None, )

ASN- ()

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.106 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com fundingchoicesmessages.google.com www.google.com	67 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com	291 KB
14	rustygriswold.ca rustygriswold.ca	518 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	71 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	rtbrain.app cdn.rtbrain.app	319 KB
2	bidbrain.app g.bidbrain.app	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	151 KB
1	googletagservices.com www.googletagservices.com	60 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	610 B
61	10

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	rustygriswold.ca	rustygriswold.ca
9	pagead2.googlesyndication.com	rustygriswold.ca pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com rustygriswold.ca
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.rtbrain.app	googleads.g.doubleclick.net
2	g.bidbrain.app	rustygriswold.ca
2	www.googletagmanager.com	rustygriswold.ca www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
61	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
rustygriswold.ca GTS CA 1P5	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.bidbrain.app R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://rustygriswold.ca/
Frame ID: 80EC17C26A2AE8A4EFAA38D0F8300848
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html?hello=world
Frame ID: 048D6DEEBAF21383D524721433571090
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1699295452&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699449677168&bpp=4&bdt=3596&idt=283&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2073598179876&frm=20&pv=2&ga_vid=1687703441.1699449674&ga_sid=1699449677&ga_hid=661105280&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079408%2C44804683%2C44807455%2C44807462%2C31078297%2C44807749%2C44808148&oid=2&pvsid=1960126308732483&tmod=714704611&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: F4E9CA7F54D70A77459643106262EEFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: DEFEAE70A35A2CB7E98C62C4825631C1
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD527552D766907F38E1EB7001203D47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 273E8D876C97F40362C8677B1D5AC880
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rusty Griswold Light Display – Illuminating your holidays with pixel lights, articles, tools, and recipes.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

1500 kB
Transfer

3413 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/rustygriswoldlights

Search URL Search Domain Scan URL

URL: https://twitter.com/iMike_M

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rustygriswold.ca/ 144 KB
25 KB 101ms
45ms Document
text/html 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.18

Resource Hash

a526617ed005d96ba268dc440a005e67463da882347d533343061884a2e7e15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1429
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 822e1e2b9d95a208-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 13:21:13 GMT
last-modified: Mon, 06 Nov 2023 18:30:52 GMT
server: cloudflare
vary: Accept-Encoding
wpo-cache-status: cached
x-content-type-options: nosniff
x-nginx-cache-status: MISS
x-powered-by: PHP/8.1.18
x-xss-protection: 1; mode=block

GET
H2 200 wpo-minify-header-cc0c2c3a.min.css
rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/ 400 KB
54 KB 40ms
38ms Stylesheet
text/css 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-header-cc0c2c3a.min.css

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ff2ec555649a80790f6eb12977712ba69ea7fb8257b04c5012dabd94f4da25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 18:35:38 GMT
server: cloudflare
age: 8491
vary: Accept-Encoding
content-type: text/css
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2bedf5a208-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 10:59:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 154ms
66ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

65ba95a7fe5aea36d2a6cadc9b7c69a87bfba08d7d19ab46987ef19f0529270b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64569
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 13:21:13 GMT

GET
H3 200 wpo-minify-header-374811fd.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/ 99 KB
35 KB 38ms
37ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-header-374811fd.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb30cece86f91bc4f88a1eedc5743bc60c211171c931898451e8311b8df287e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 17:30:15 GMT
server: cloudflare
age: 25773
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2c6da2a241-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 06:11:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 3461ms
84ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

e07e1f098f187e8f7a796173025a029d0529690c16eef5d9bdd7ea26908392fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Origin: https://rustygriswold.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53682
x-xss-protection: 0
server: cafe
etag: 6729083554840803068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:21:17 GMT

GET
H2 200 TransparentLogo.png
rustygriswold.ca/wp-content/uploads/2023/01/ 50 KB
50 KB 39ms
39ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321ccc756dc8930f4f8e1549ec7229584fe0e6eab18a6e86562c63ccb7c0034b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27444
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 50882
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:37:44 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2c0e26a208-YYZ
expires: Sun, 07 Jan 2024 05:43:49 GMT

GET
H3 200 wpo-minify-footer-ab412b86.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/ 129 KB
37 KB 76ms
75ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-footer-ab412b86.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96cf2ad4d7452716cedbb902c7bf9fb64fb6b2774b78d34570781ba552fc754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 17:30:19 GMT
server: cloudflare
age: 25773
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2c6da3a241-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 06:11:40 GMT

GET
H3 200 wpo-minify-footer-f23f1911.min.js Show response
rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/ 70 KB
22 KB 78ms
77ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-footer-f23f1911.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8afad9011803174bd0457df22c26816dffca35c05686eed2cfa93c4cad6177ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 17:30:19 GMT
server: cloudflare
age: 25773
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2c6da5a241-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 06:11:40 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 TransparentLogo-Copy-1-1024x318.png
rustygriswold.ca/wp-content/uploads/2023/01/ 33 KB
33 KB 39ms
36ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/TransparentLogo-Copy-1-1024x318.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27443
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 33460
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 17:16:49 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2ccdfba241-YYZ
expires: Sun, 07 Jan 2024 05:43:50 GMT

GET
H3 200 142.e0c0e2296e5a94af9d7f.js Show response
rustygriswold.ca/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 34ms
33ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/themes/blocksy/static/bundle/142.e0c0e2296e5a94af9d7f.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-footer-ab412b86.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 20:40:14 GMT
server: cloudflare
age: 11180
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2d2e78a241-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 10:14:53 GMT

GET
H3 200 rusty2022-1024x768.png
rustygriswold.ca/wp-content/uploads/2023/01/ 229 KB
229 KB 34ms
33ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/rusty2022-1024x768.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b23d759a6b477abee500b8486249ee8d329b9ee9f0e4f2fdaca0d2f2de00a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11180
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 234128
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:34:16 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2d5ea8a241-YYZ
expires: Sun, 07 Jan 2024 10:14:53 GMT

GET
H3 200 chch-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 6 KB
6 KB 73ms
72ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/chch-150x150.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11180
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5638
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:13 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2d5eaaa241-YYZ
expires: Sun, 07 Jan 2024 10:14:53 GMT

GET
H3 200 output-onlinejpgtools-2-150x150.png
rustygriswold.ca/wp-content/uploads/2023/01/ 8 KB
8 KB 74ms
73ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/output-onlinejpgtools-2-150x150.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11180
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8100
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:43 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2d5eaca241-YYZ
expires: Sun, 07 Jan 2024 10:14:53 GMT

GET
H3 200 ctvtoronto-300x169.png
rustygriswold.ca/wp-content/uploads/2023/01/ 9 KB
9 KB 74ms
73ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/ctvtoronto-300x169.png

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11180
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9040
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:20 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2d5eada241-YYZ
expires: Sun, 07 Jan 2024 10:14:53 GMT

GET
H3 200 BurlingtonToday.com-Logo.jpg
rustygriswold.ca/wp-content/uploads/2023/01/ 7 KB
7 KB 74ms
74ms Image
image/webp 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustygriswold.ca/wp-content/uploads/2023/01/BurlingtonToday.com-Logo.jpg

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11180
x-nginx-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7054
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Feb 2023 16:38:34 GMT
x-wpo-webp: Redirected directly to existing webp
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 822e1e2d5eafa241-YYZ
expires: Sun, 07 Jan 2024 10:14:53 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
rustygriswold.ca/wp-content/plugins/elementor/assets/js/ 1 KB
856 B 35ms
35ms Script
application/javascript 104.18.153.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rustygriswold.ca/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/wp-content/cache/wpo-minify/1699032612/assets/wpo-minify-footer-ab412b86.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.153.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b81299324e11a2620bd551e5755803d8cbc7103e77e4dcc0accc31e92cdb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 18:28:55 GMT
server: cloudflare
age: 25772
vary: Accept-Encoding
content-type: application/javascript
x-nginx-cache-status: MISS
cache-control: max-age=2592000
cf-ray: 822e1e2dbf00a241-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 06:11:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 122ms
39ms Script
text/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 11:28:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6772
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 13:28:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
87 KB 59ms
59ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184577474-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4c677479e23f5d0e503be5aa470cfae1fdad055a1456c537d5f3171ef5073299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 13:21:13 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 48ms
47ms Ping
text/plain 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7TKVW5VVYW&gtm=45je3b60v873983712&_p=1699449673651&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1687703441.1699449674&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699449674&sct=1&seg=0&dl=https%3A%2F%2Frustygriswold.ca%2F&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=556
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.179.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 48ms
47ms XHR
text/plain 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=661105280&t=pageview&_s=1&dl=https%3A%2F%2Frustygriswold.ca%2F&ul=en-us&de=UTF-8&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=856630480&gjid=861613902&cid=1687703441.1699449674&tid=UA-184577474-1&_gid=1981109625.1699449674&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1509668682

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 187ms
114ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

734354eff79f1464af65efaa7b7cdcb42e6f428c371f33e835f0fe9d95947a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138448
x-xss-protection: 0
server: cafe
etag: 18047902854297920111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:21:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 048D 10 KB
5 KB 116ms
39ms Document
text/html 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5452915446355382&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 64691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 19:23:06 GMT
etag: 251720774729838433
expires: Tue, 21 Nov 2023 19:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
610 B 125ms
48ms Script
text/javascript 142.251.179.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rustygriswold.ca&callback=_gfp_s_&client=ca-pub-5452915446355382

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f154.1e100.net

Software

cafe /

Resource Hash

105567df7e239f535a6e067594e19c38ec10ab2ab1b494f3872e82e6cff0563e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4E9 208 KB
62 KB 1413ms
1412ms Document
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5452915446355382&output=html&adk=1812271804&adf=3025194257&lmt=1699295452&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Frustygriswold.ca%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699449677168&bpp=4&bdt=3596&idt=283&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2073598179876&frm=20&pv=2&ga_vid=1687703441.1699449674&ga_sid=1699449677&ga_hid=661105280&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079408%2C44804683%2C44807455%2C44807462%2C31078297%2C44807749%2C44808148&oid=2&pvsid=1960126308732483&tmod=714704611&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

375d4f1072a3c32d1cfa9c8032d26072d2fdedb23d5ca99f37a6769b30268ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 13:21:18 GMT
expires: Wed, 08 Nov 2023 13:21:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 66ms
66ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

982a0ba20ccb0c9cac3f0a831bc2b50fe5d64f65860b3c5b4c708637de2c19df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55820
x-xss-protection: 0
server: cafe
etag: 8092923297206179201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:21:18 GMT

GET
H2 200 ca-pub-5452915446355382 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 148ms
71ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5452915446355382?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

eff1bb3e01cc48f7628bc97afb4da55e3a1c14404ad6f878e4ff6ad831e33328

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HcfTZ_zbdSSJ4a0mMQE2GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HcfTZ_zbdSSJ4a0mMQE2GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame DEFE 10 KB
4 KB 38ms
37ms Document
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 64610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 19:24:29 GMT
etag: 251720774729838433
expires: Tue, 21 Nov 2023 19:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWhInjqSRy1Q_dMYGEBD57RYqtFPXSNbfV_IHLqAobWKssTUqoxDcKIdFFadMpXYj50frCB9SUe5cKRkBTXuJxaevz9n8WMvpYYMXtevvgohe663vah-SXDK7XEOI2jypwQZWIuWQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 89ms
88ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhInjqSRy1Q_dMYGEBD57RYqtFPXSNbfV_IHLqAobWKssTUqoxDcKIdFFadMpXYj50frCB9SUe5cKRkBTXuJxaevz9n8WMvpYYMXtevvgohe663vah-SXDK7XEOI2jypwQZWIuWQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NDQ5Njc5LDE3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMxdjsJfJUrPhqwbGp-ENnli9-NvqA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

ac565c4f648974f773dc8877594f81a2b2d9caaf2b1d7a541d7e3066965e99da

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0_XgT-aIBb7kAfSuPADj8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0_XgT-aIBb7kAfSuPADj8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DEFE 3 KB
1 KB 116ms
40ms Script
text/javascript 172.253.122.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:01:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DEFE 20 KB
9 KB 112ms
37ms Script
text/javascript 172.253.122.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 02:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 02:39:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEFE 190 KB
60 KB 117ms
40ms Script
text/javascript 142.251.111.155

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:21:19 GMT

GET
DATA 200
OK truncated
/ Frame DEFE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 248e28f8797df0db68f87e62a8ed23cc37757c8b431bc1b775b43c4b75630879

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DEFE 0
23 B 105ms
104ms Image
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQjcFTYtLZcCEIMKgoPMP-uG9sA_SkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi01NDUyOTE1NDQ2MzU1MzgyyAEJqAMByAMCqgTNAU_QBqZ0TAHE1Xss5EC8kbyjmWLBP2KhjrugqBFpMwW5vRDzqlvaNLx09mRzYZs73aM_jowhW10qLQCvIcJTCfhos2w4QlAMLnFSahncT3dAwoRD9-c_0gL3lDsBYLkF-6_BjNDWUe5MneER4DoapK2BCUAGgWUlnQ5hMELGg9_zDnHJS_0P8XEwzJPCZbRk70Jo_OYfThmS3Db7VO5ghdHJPa3OZL-Mo_vGas_GkLQlvqDKT_2U2fvoKulzhQ5csQ1J9oqiFVm4Zte6ZzuABqaukfCV7OnBXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTQ1MjkxNTQ0NjM1NTM4MhgA&sigh=PqAhDJohT2A&uach_m=[UACH]&cid=CAQSTwDICaaNrTrs0rSMfYe91SmrRzbXHaBBuKAXCW6h6MREtDlOMdnFE4sk0wu2ca8qyw9uVopHny0CErmeOgDsG9c-X4KzGETbQZfkf1rlZw0YAQ&cbvp=2&vis=1

Requested by

Host: rustygriswold.ca
URL: https://rustygriswold.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Nov 2023 13:21:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Nov 2023 13:21:19 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame DEFE 0
758 B 125ms
80ms Image
text/plain 34.149.135.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=b304b791-7e39-11ee-b549-36e59317db74&d=rustygriswold.ca&cr=ext_ng_start_fires6&a=imp&p=ZUuLTQAIAkAIaBBCAA9w-lM2CQ4QP23n5g3rFw&im=V-jmnghC4cx7iQDUTUu5GVkRZjI1Cw7f9qAoq6kuxFM8BtFNGyHqwNkoOJlo-NC8YD2kmrClvBuGnH-wA-rnZOWhdmSVjiQ7upnF00dLrSNlpFQlyg0hk9JM-4HgtrO-CSLXfLyFXvVlxkYUUCRFdh1SPkfhYn3iHxpseM-Rcmx-7afdm_Uw0svGJCq78NcxHkrCguWn2BqDwQjO7M9HHoPmsVF--RLbO2dTt5u0FRcPxkecPmVs__mxP5l9UXnYm1-UBXzooNdT-GhccR9vRYXhagJP2ZlRcFXpy0gUHsv6ALn5xcfBrhrEhg4FBHt4&cbvp=2
Requested by: Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:19 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

8baf935edfa84aff1e8b5570c1e598bc3f58a96d6e7369d1969531e6920ebd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame DEFE 159 KB
160 KB 145ms
97ms Font
application/octet-stream 172.67.74.191

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.191 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1136
x-guploader-uploadid: ABPtcPo9zj-LKkfRz3UfYPDEqgFD-koPti9WWJ_SwHQGh75udOmD23Uf9YYlKJg22Q79cY0lW7PhkbdxsmZ00u5ppF60oQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJop1%2F9B6SYKCFVKZzVOie09NdSGR1Ox%2BaVmvbiYKiTMvReYwWT6EKoZECwHqRemjn%2F0BE%2FsemObGXckUQYxGFKy3svWAmJgRLY49q23uG25bl8u5BR7%2F91J8AIqB2bo3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 822e1e51287736fe-YYZ
expires: Wed, 08 Nov 2023 13:04:35 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame DEFE 159 KB
160 KB 74ms
28ms Font
application/octet-stream 172.67.74.191

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.191 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1605
x-guploader-uploadid: ABPtcPrSggtiDgdmCosixadMXCdT5V70oCCiRT6JuF_3OqSa8V3Cf5x_ZmrV57F2cUtkKrU1TxQA_eQPOSjRiDK9jyj-ug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afYveFVTykFh5Kmw2le5gFFlXhBm8pt1G9EMTXfWfNetTMsC88AksZlGhbng48FetESOxHQxCa0Nhuhjumj07v7t%2B7Dr9OCCoN2WuhYyCdYAZ9kHD1wFclwXQshv3I90oA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 822e1e51287436fe-YYZ
expires: Wed, 08 Nov 2023 13:39:09 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
38ms Script
text/javascript 172.253.122.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 13:21:19 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame DEFE 0
408 B 64ms
64ms Ping
text/plain 34.149.135.28

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: rustygriswold.ca
URL: https://rustygriswold.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:19 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD52 13 KB
5 KB 38ms
38ms Document
text/html 172.253.122.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 163283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 15:59:56 GMT
expires: Tue, 05 Nov 2024 15:59:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 273E 829 B
1 KB 133ms
57ms Document
text/html 142.251.163.106

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.106 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

4dac1c4879aef4e82515034e4b0907cbf26de1dd1c18627de6f9d097ec958f14

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yx7EHVYirUmZHQKTryqt-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rustygriswold.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yx7EHVYirUmZHQKTryqt-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 13:21:19 GMT
expires: Wed, 08 Nov 2023 13:21:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame BD52 38 KB
15 KB 37ms
37ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 12:15:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 273E 0
0 94ms
94ms Image
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=1960126308732483&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD52 0
10 B 38ms
37ms Image
text/plain 172.253.122.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E_fzaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 60ms
59ms Image
image/gif 172.253.115.113

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.8015461629605785

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NijEK2Lq8OADbZYqmY2f1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NijEK2Lq8OADbZYqmY2f1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 115ms
114ms Image
image/gif 172.253.115.113

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.1536963351314884

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-eyAmtDt5eI57OxTPV8GT5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-eyAmtDt5eI57OxTPV8GT5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=1960126308732483&bg=!m5ilmNfNAAb4oU7C2KE7ADQBe5WfOEt-_ZJsC0OCVuW8bMpLtPOnyXLyfJWT-FJyPr075NSkqIQnTkEznt7xLuXdaQdAAgAAAFtSAAAACWgBBwoAcic2eo9dw1IEuRDQ4nL0OYGDzh0RCals_L9ylI7fSqnP4zZ8poXie7T1Dt0Ad1LvqW8AZQIDegw-3i4Kjc02OlkhWTGxdeqOL1lmMrWM-r0AGX6nIqjQG6ySItWgYXQYLt-p9oCXOFPBoRuw_PJ2vAumBJkCw-fJMiN32pWybDmFQy5OGKt9Go8Io6G_FDwhURI6WOeBACff6AB5jC-GcoI_4YUT-Wq8OSR91BK3vEOAc2WAzRFfO8fhVf_IbgR5kR6wBtSJPfNZDS4j08P5pRZAuoab_hZdjAXBSr5cgJaDMv5ysvZPAUdmAy0GjGCsW6CJgb0dxWOhJgaNQFzu1BXW8MZ1CMLtGG6a3PtRNPMR2qv09tHFy4pGwVHxUrKBe27YQ87FoTeudYtTz6fJbtR4ytcR9zUyax4ihNSWy4ckpSGhSoa1PAWeV1TbL9v-bfbGE87a221sPV6pokJM56nWneL8g1BcpffWG6RuWjDNIsAiUEX4rqw73f89dn7yHMGjtU2fg7OpjoXDhBwBzAC4TciaaYXfM_oRX2LjOlIMsqHB9FVXnBtg3XU1ArIWrTtxpqOVlpg9AcIEaKLHOFF3mhjkZfIFW4MlLXIuVRVjmLXUqG00U160BlGie08OW-IuNa-tEBp93kKdnCzEZah1OZ5K7ZcemlsSJqdGM3_CVdKCO1_naDHOhPH2YGIB8k-hAtKZI31E61JNBf7uHVjOUfrwfUeh9CIDsy0LiZujVE3uiDe3zXA62rsfC2pj_zFlWdxL_WFm3PQtJKzyF5TE7wWlL55nsIQhlMxHB_5EvhDFdEhhJbnks6ZJ9_BXPxzwwiJT-jqbSgrWzKhcwNDxWQbyLVEAJfV95LZ0rDk4vr-TRgAVSsnJEmwYae3xzBRNe3xeYsKZquCQwXkZwmkna3bLKK0pQfPJEyo_rtFbo7lV8hYYSeDHkKEknc_wEso0U4CSGijXfzgBNZCooxg1i1afg-fVhA22KYMfrPogVBSExhUMoTmIy0A2cV77QHOjfLSNkkKFnAeed_pIBgnuKR-ttAAF5tROJ9iGE2HdUxAMPEIr2lLVbYX6243PJ2r8ZpyYn5Oq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

POST
H3 204 AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 134ms
56ms XHR
text/html 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5B01MzHNzWyKH3t6B331TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5B01MzHNzWyKH3t6B331TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEFE 42 B
64 B 97ms
97ms Fetch
image/gif 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssC0mXBeBwGMZswGtcN3ExusiAp42AbpAvgqg9zf4EsoCfzQFgWDbYTkrFWXm0LXbv9CWWMJS29fkIm7GZnyYr54j-7UxTYGnm1XvaMOgfDoOjbCWHIBA&sig=Cg0ArKJSzOFtpjWh5u0GEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,760,1000,1049,1049&tos=83,677,240,49,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699449679143&rpt=328&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 avw. Show response
fundingchoicesmessages.google.com/f/AGSKWxVp_-V4QVqeRncUNcr0nKSwJ_pikHMXkStETMdO3k7UJSPpxyD5oWt6uvaYU_5WzB2gKQTHg3xhICI3SoRSXOelNsS1m1ewsjDx3G3DPriXiMdKxbSX8Rdcoo7MJH1Tbhv9NqGTbLlTyySh6Xq-iD5bg4Uyc... 54 B
109 B 61ms
60ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVp_-V4QVqeRncUNcr0nKSwJ_pikHMXkStETMdO3k7UJSPpxyD5oWt6uvaYU_5WzB2gKQTHg3xhICI3SoRSXOelNsS1m1ewsjDx3G3DPriXiMdKxbSX8Rdcoo7MJH1Tbhv9NqGTbLlTyySh6Xq-iD5bg4Uyczm6DJHC6jTleu-zaaMv1atuKbua_ebO/_.adgearpubs./pgrightsideads./468x060_/adfootright./delivery/avw.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyj8VxkfOJT-VDw7ABPfm06TShcPw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

95cef2ce3ceae5f01ebc0262b53198999d09841615125166342ee013ab80258c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-31b4hJKHiuOWhmmKqKmCTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-31b4hJKHiuOWhmmKqKmCTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 38ms
37ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 12:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 13:39:51 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-im3NVm3Bcn6rqoXMoRru_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-im3NVm3Bcn6rqoXMoRru_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q7s8HxQ6HpAuQeHntyV-Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-q7s8HxQ6HpAuQeHntyV-Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0jTkWCm3SR-wkudhKdRu6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-0jTkWCm3SR-wkudhKdRu6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cK29DIRrj_ZCHVILOzHC9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-cK29DIRrj_ZCHVILOzHC9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWd7KxejHbdFLfrSSKwrQM7hEaKe0SsoteyLI4Gb9_Be9nmxpsDj-kyUysDSZ6BGxLqFSgOAvpf2Ol3ETW0oC72onWoxVWTCDmyS1ekaY2vWjz_NB_ml2nTGbFQNOenTzqEPgk5-Q== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 78ms
77ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWd7KxejHbdFLfrSSKwrQM7hEaKe0SsoteyLI4Gb9_Be9nmxpsDj-kyUysDSZ6BGxLqFSgOAvpf2Ol3ETW0oC72onWoxVWTCDmyS1ekaY2vWjz_NB_ml2nTGbFQNOenTzqEPgk5-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NDQ5NjgxLDU1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

ab5d99e2fdafc2b03f7fb8ebe7abcb9f79630aacc63522d6e62f7171f423f98d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uzIGFwNdEon1G5wX1Ezc6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-uzIGFwNdEon1G5wX1Ezc6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5BsSnt4WZZyk4nT1Ww0Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-H5BsSnt4WZZyk4nT1Ww0Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXKfS2erhdzbGq856z6gpJzA294qDcOIStkl5EpsSOYtHlLDaC5voTw0rXjo96-vjTbCHszEDYXUZvpqrwoj4-tqC0H1utCQIkZ-ziXim4C5DYUfGZhYvSieY38uoG8GU4XejGg0A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 78ms
77ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXKfS2erhdzbGq856z6gpJzA294qDcOIStkl5EpsSOYtHlLDaC5voTw0rXjo96-vjTbCHszEDYXUZvpqrwoj4-tqC0H1utCQIkZ-ziXim4C5DYUfGZhYvSieY38uoG8GU4XejGg0A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NDQ5NjgxLDEzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcnVzdHlncmlzd29sZC5jYS8iLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

13e8bddbfa5925d489f4ca4632c35be7db436bdb0508557b30ea82ab7b48ca85

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7LnWbpDCRLAoyyjQkbnStg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7LnWbpDCRLAoyyjQkbnStg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUsLRmvi2H_tb3AhHkzwqprLQyxRbq2Q27i5k5G1k7G0tPlclBKv-4M3pTu5vAV6TdHvmqtan4xdQaeEhdGB9AFubUKpnjsg8cWIwq7lRF-MR_nB_KQBA4p0IdBWIb_lnlQTFQy0g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 74ms
74ms Script
application/javascript 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUsLRmvi2H_tb3AhHkzwqprLQyxRbq2Q27i5k5G1k7G0tPlclBKv-4M3pTu5vAV6TdHvmqtan4xdQaeEhdGB9AFubUKpnjsg8cWIwq7lRF-MR_nB_KQBA4p0IdBWIb_lnlQTFQy0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NDQ5NjgxLDIyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ydXN0eWdyaXN3b2xkLmNhLyIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6442870c9c9f0acdf3944e889f4b10d709a97fe3b3c065de9e70429bcbc27bab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LuMXg5im1Xv7_fuhDvetzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-LuMXg5im1Xv7_fuhDvetzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-9iXUEwYNFhJ7T5eYZ70jomvM-AyiAsC2i5V1SIsHdKSeJNsrFihIRm5hpjnH-KT9kb0ivUPsvq4ohUB_YwoIpvaLdLfQa0GlE2EAvq5jGvOcP38uWFxbdlYIE427WZqGg8FB5Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
56ms XHR
text/html 172.253.115.113

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-9iXUEwYNFhJ7T5eYZ70jomvM-AyiAsC2i5V1SIsHdKSeJNsrFihIRm5hpjnH-KT9kb0ivUPsvq4ohUB_YwoIpvaLdLfQa0GlE2EAvq5jGvOcP38uWFxbdlYIE427WZqGg8FB5Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kTfhdAxuKvVswSpti5tAWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kTfhdAxuKvVswSpti5tAWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rustygriswold.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIf1pF1xg44gWmWxlyJnLtVvqlu5cqCw25jnMdOUtrDQSFjdJZFH1J6_eIYza52bE8q0bwIZETwP-jWjKbWXGXmGdE_MctoI95U5BQHiLpdLkmspAqW95IFtRQrpMbYnIYeqT5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.113 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-499PcADVVQMUOSEjwkfIBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rustygriswold.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 13:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-499PcADVVQMUOSEjwkfIBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rustygriswold.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7TKVW5VVYW&gtm=45je3b60v873983712&_p=1699449673651&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1687703441.1699449674&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1699449674&sct=1&seg=0&dl=https%3A%2F%2Frustygriswold.ca%2F&dt=Rusty%20Griswold%20Light%20Display%20%E2%80%93%20Illuminating%20your%20holidays%20with%20pixel%20lights%2C%20articles%2C%20tools%2C%20and%20recipes.&en=ad_impression&ep.query_id=CIDf3rK_tIIDFUIQaAgd-nAP9g&_et=5350&tfd=10908
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKVW5VVYW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.179.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rustygriswold.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 13:21:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rustygriswold.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rustygriswold.ca/	1970-01-21 01:40:09	Name: _ga_7TKVW5VVYW Value: GS1.1.1699449674.1.0.1699449674.0.0.0
.rustygriswold.ca/	1970-01-21 01:40:09	Name: _ga Value: GA1.2.1687703441.1699449674
.rustygriswold.ca/	1970-01-20 16:05:36	Name: _gid Value: GA1.2.1981109625.1699449674
.rustygriswold.ca/	1970-01-20 16:04:09	Name: _gat_gtag_UA_184577474_1 Value: 1
.rustygriswold.ca/	1970-01-21 01:25:45	Name: __gads Value: ID=5c0eaafd37661885-227f38a1cce40074:T=1699449677:RT=1699449677:S=ALNI_MYkEz77VGdGLoJu4BYPGkrHGjNO1g
.rustygriswold.ca/	1970-01-21 01:25:45	Name: __gpi Value: UID=00000da0a491ae10:T=1699449677:RT=1699449677:S=ALNI_MZtAF-SvqMF2qXw46uvPxd7KxPMLA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rtbrain.app
fundingchoicesmessages.google.com
g.bidbrain.app
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
rustygriswold.ca
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.153.16
142.251.111.155
142.251.163.106
142.251.167.155
142.251.167.157
142.251.179.113
142.251.179.154
172.253.115.113
172.253.122.132
172.253.63.97
172.67.74.191
34.149.135.28
105567df7e239f535a6e067594e19c38ec10ab2ab1b494f3872e82e6cff0563e
13e8bddbfa5925d489f4ca4632c35be7db436bdb0508557b30ea82ab7b48ca85
1cb51fa1405fab99ec51f01f228d000c32f4e72f8b388602117c4aa9ac05af8f
248e28f8797df0db68f87e62a8ed23cc37757c8b431bc1b775b43c4b75630879
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321ccc756dc8930f4f8e1549ec7229584fe0e6eab18a6e86562c63ccb7c0034b
375d4f1072a3c32d1cfa9c8032d26072d2fdedb23d5ca99f37a6769b30268ab1
4c677479e23f5d0e503be5aa470cfae1fdad055a1456c537d5f3171ef5073299
4dac1c4879aef4e82515034e4b0907cbf26de1dd1c18627de6f9d097ec958f14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6442870c9c9f0acdf3944e889f4b10d709a97fe3b3c065de9e70429bcbc27bab
65ba95a7fe5aea36d2a6cadc9b7c69a87bfba08d7d19ab46987ef19f0529270b
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de0fe8da77b5630c572c51956f872097dda5f1c658078cbf07e7b8d7c6e9218
734354eff79f1464af65efaa7b7cdcb42e6f428c371f33e835f0fe9d95947a68
77b81299324e11a2620bd551e5755803d8cbc7103e77e4dcc0accc31e92cdb65
84ff2ec555649a80790f6eb12977712ba69ea7fb8257b04c5012dabd94f4da25
8afad9011803174bd0457df22c26816dffca35c05686eed2cfa93c4cad6177ab
8b23d759a6b477abee500b8486249ee8d329b9ee9f0e4f2fdaca0d2f2de00a74
8baf935edfa84aff1e8b5570c1e598bc3f58a96d6e7369d1969531e6920ebd7d
95cef2ce3ceae5f01ebc0262b53198999d09841615125166342ee013ab80258c
96cbfe92e249edd7ee4220baf58d767efa56c274a1a6f4c313dc2ac823174ee7
982a0ba20ccb0c9cac3f0a831bc2b50fe5d64f65860b3c5b4c708637de2c19df
a526617ed005d96ba268dc440a005e67463da882347d533343061884a2e7e15e
ab5d99e2fdafc2b03f7fb8ebe7abcb9f79630aacc63522d6e62f7171f423f98d
ac565c4f648974f773dc8877594f81a2b2d9caaf2b1d7a541d7e3066965e99da
b315da8034899a1ebb58ec1846f65fe6d26d48f5df6290da8cdc6e654ef18719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c96cf2ad4d7452716cedbb902c7bf9fb64fb6b2774b78d34570781ba552fc754
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e07e1f098f187e8f7a796173025a029d0529690c16eef5d9bdd7ea26908392fe
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb30cece86f91bc4f88a1eedc5743bc60c211171c931898451e8311b8df287e5
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
eff1bb3e01cc48f7628bc97afb4da55e3a1c14404ad6f878e4ff6ad831e33328
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15
fc44cf6f19e21d15c539570bf3959ca346ec974593d6822dcf8ba2ef30fe5dc2

rustygriswold.ca Open in urlscan Pro 104.18.153.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

13 IPs

2 Countries

1500 kBTransfer

3413 kBSize

6 Cookies

2 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rustygriswold.ca Open in urlscan Pro
104.18.153.16 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

1500 kB
Transfer

3413 kB
Size

6
Cookies

61 HTTP transactions
2 data transactions