mrnussbaum.com Open in urlscan Pro
45.33.70.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mrnussbaum.com/
Submission: On October 15 via manual (October 15th 2024, 6:04:57 pm UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 65 HTTP transactions. The main IP is 45.33.70.113, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is mrnussbaum.com. The Cisco Umbrella rank of the primary domain is 138273.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 23rd 2024. Valid for: a year.

This is the only time mrnussbaum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	45.33.70.113 45.33.70.113	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
7	2607:f8b0:400... 2607:f8b0:400d:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::61	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:e20... 2a02:6ea0:e200::17	60068 (CDN77 _) (CDN77 _)
2	104.18.40.153 104.18.40.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::71	15169 (GOOGLE) (GOOGLE)
1	3.171.139.15 3.171.139.15	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:400d:c0d::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::5e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c0f::64	15169 (GOOGLE) (GOOGLE)
1	3.162.103.31 3.162.103.31	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::84	15169 (GOOGLE) (GOOGLE)
65	15

26 45.33.70.113 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-33-70-113.ip.linodeusercontent.com

mrnussbaum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c0d::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:e200::17 (Ashburn, United States)

ASN60068 (CDN77 _, GB)

cdn1.readspeaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.40.153 (None, )

ASN13335 (CLOUDFLARENET, US)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.171.139.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-15.jfk52.r.cloudfront.net

cdn.svgator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::67 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c0f::64 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.103.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-31.iad61.r.cloudfront.net

listgrowth.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mrnussbaum.com mrnussbaum.com — Cisco Umbrella Rank: 138273	2 MB
14	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	74 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	327 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	ctctcdn.com static.ctctcdn.com — Cisco Umbrella Rank: 6790 listgrowth.ctctcdn.com — Cisco Umbrella Rank: 7937	59 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	67 KB
2	readspeaker.com cdn1.readspeaker.com — Cisco Umbrella Rank: 29913	64 KB
1	gstatic.com www.gstatic.com	216 KB
1	svgator.com cdn.svgator.com — Cisco Umbrella Rank: 95255	13 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	105 KB
65	11

	Domain	Requested by
26	mrnussbaum.com	mrnussbaum.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	mrnussbaum.com pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	cdnjs.cloudflare.com tpc.googlesyndication.com
2	cdnjs.cloudflare.com	static.ctctcdn.com cdnjs.cloudflare.com
2	static.ctctcdn.com	mrnussbaum.com static.ctctcdn.com
2	cdn1.readspeaker.com	mrnussbaum.com cdn1.readspeaker.com
1	listgrowth.ctctcdn.com	cdnjs.cloudflare.com
1	www.gstatic.com	www.google.com
1	cdn.svgator.com	mrnussbaum.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mrnussbaum.com
65	14

This site contains links to these domains. Also see Links.

Domain
www.teacherspayteachers.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.mrnussbaum.com Sectigo RSA Organization Validation Secure Server CA	`2024-08-23` - `2025-09-23`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
1202598265.rsc.cdn77.org E5	`2024-10-15` - `2025-01-13`	3 months	crt.sh
static.ctctcdn.com WE1	`2024-08-20` - `2024-11-18`	3 months	crt.sh
svgator.com Amazon RSA 2048 M02	`2023-11-17` - `2024-12-15`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
listgrowth.ctctcdn.com Amazon RSA 2048 M02	`2024-04-01` - `2025-04-30`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://mrnussbaum.com/
Frame ID: CEB130F287294FE1AD5669A6FD04796D
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/zrt_lookup_fy2021.html
Frame ID: 4A2E7A96BDD93D1C9D87361A70CAFC38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4019829481923751&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729015491&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmrnussbaum.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729015491132&bpp=12&bdt=557&idt=589&shv=r20241010&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2879908555086&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343853%2C31087658%2C31087804%2C31087892&oid=2&pvsid=4211743777962000&tmod=428387391&uas=0&nvt=1&fsapi=1&fc=1920&brdim=310%2C310%2C310%2C310%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=610
Frame ID: 08CA6FEC893A409B1BF2B6E7F7C205E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4019829481923751&output=html&h=280&slotname=6804893836&adk=1459381805&adf=2956000271&pi=t.ma~as.6804893836&w=962&abgtt=6&fwrn=4&fwrnh=100&lmt=1729015491&rafmt=1&format=962x280&url=https%3A%2F%2Fmrnussbaum.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729015491144&bpp=9&bdt=569&idt=616&shv=r20241010&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2879908555086&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=319&ady=260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343853%2C31087658%2C31087804%2C31087892&oid=2&pvsid=4211743777962000&tmod=428387391&uas=0&nvt=1&fc=1920&brdim=310%2C310%2C310%2C310%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=625
Frame ID: C8D912347765F14CE02D8AA549BA013F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/zrt_lookup_fy2021.html
Frame ID: A859C7718F59C5F5B94BBBE139BD1131
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: FDB923A0189798F8619451FAA55BBBB5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4211C8E05B4FA0644AAC231A8549FB4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MrNussbaum.com - thousands of educational games and activities for grades k-8.

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

65
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

2721 kB
Transfer

5713 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.teacherspayteachers.com/Store/Mr-Nussbaum
Title: Teacher Pay Teachers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/735144528661712

Search URL Search Domain Scan URL

URL: https://twitter.com/mrnussbaum

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mrnussbaumcom

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mrnussbaum.com/ 571 KB
113 KB 759ms
628ms Document
text/html 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 0d185780ecb35fc42e787cb760a6bb4f694c007316308c07beb4a9436453e789

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Oct 2024 18:04:49 GMT
server: nginx/1.25.5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 353ms
211ms Script
text/javascript 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4019829481923751

Requested by

Host: mrnussbaum.com
URL: https://mrnussbaum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0db038d12df385d8feb5676a9bf8c002d5aaff1665c1203b0175675677b2c0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
etag: 14844437095481082998
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52571
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
105 KB 242ms
105ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VDR2GGLCWK

Requested by

Host: mrnussbaum.com
URL: https://mrnussbaum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55d6d4d035edfe70c467a1c6a3692ea65359442b22c41a802db8d0a59f724531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 18:04:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106960
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 webReader.js Show response
cdn1.readspeaker.com/script/9880/webReader/ 78 KB
25 KB 388ms
112ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.readspeaker.com/script/9880/webReader/webReader.js?pids=wr
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4f05534bde1ad88eb06c42e40a51a47c01fd826a8c8d00d30269bc9f7d9cacc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

x-77-nzt: EgwBbT1b5QH384AHAAwBnJI73wG3ngEAAA
vary: Accept-Encoding
content-encoding: gzip
etag: W/"1372b-621fd26dc5721"
x-77-cache: HIT
access-control-allow-methods: GET
access-control-allow-origin: *
x-77-pop: ashburnUSVA
date: Tue, 15 Oct 2024 18:04:50 GMT
x-77-age: 491763
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 09:50:22 GMT
x-77-nzt-ray: 0f63d4194ab5b66cc2ae0e6752a5e435
server: CDN77-Turbo
access-control-allow-headers: sentry-trace

GET
H2 200 app-48c3b199.css
mrnussbaum.com/build/assets/ 67 KB
67 KB 71ms
67ms Stylesheet
text/css 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/app-48c3b199.css
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 48c3b199c14c51111a9e0434dd22488d6f42762b062438de8ad3b9e7ddbb291e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "66a637a4-10c09"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 68617
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: text/css
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 logo.svg
mrnussbaum.com/images/ 25 KB
25 KB 111ms
107ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/logo.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: e848c05ebef93d9537e686bb58a8ccf7461bbc99c5d63da7f64ae385272363c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-63fb"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25595
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 mrnussbaum.png
mrnussbaum.com/images/ 213 KB
214 KB 123ms
119ms Image
image/png 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/mrnussbaum.png
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 2d426852cdee4ace37da1e589ecf6e50b204ed78ba158b19d634277f0c6c20b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "66119cce-353f6"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 218102
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: image/png
last-modified: Sat, 06 Apr 2024 19:04:46 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 white-logo.svg
mrnussbaum.com/images/ 5 KB
5 KB 619ms
618ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/white-logo.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 3ec69e0520f2683ff01331c4f06f74a76dfb2f42a2ffeda2312a747cadea3171

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-121b"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4635
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 app-61868673.css
mrnussbaum.com/build/assets/ 16 KB
16 KB 472ms
471ms Stylesheet
text/css 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/app-61868673.css
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 61868673875e1f81eed9ce076195e36b443de0fcc897d01ef5cf562b8aa057e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "66a637a4-3e56"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15958
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: text/css
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 app-1da39e71.js Show response
mrnussbaum.com/build/assets/ 953 KB
954 KB 212ms
211ms Script
application/javascript 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/app-1da39e71.js
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 4e2fca9fd76d46ba6e0b04c41788d8a348b93ab4b72e3bc29042b86cea64848f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "66a637a4-ee448"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 975944
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: application/javascript
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 animations-4ed993c7.js Show response
mrnussbaum.com/build/assets/ 1 B
377 B 672ms
672ms Script
application/javascript 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/animations-4ed993c7.js
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "66a637a4-1"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1
date: Tue, 15 Oct 2024 18:04:50 GMT
content-type: application/javascript
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 signup-form-widget.min.js Show response
static.ctctcdn.com/js/signup-form-widget/current/ 972 KB
53 KB 269ms
111ms Script
application/javascript 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: HIT
age: 161
expires: Wed, 15 Oct 2025 18:01:06 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=900, public
cf-ray: 8d31bbe45e570f93-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54153
server: cloudflare

GET
H2 200 ReadSpeaker.Styles-Button.css
cdn1.readspeaker.com/script/9880/webReader/r/r2655/ 72 KB
39 KB 108ms
107ms Stylesheet
text/css 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.readspeaker.com/script/9880/webReader/r/r2655/ReadSpeaker.Styles-Button.css?v=3.8.6.2655
Requested by: Host: cdn1.readspeaker.com
URL: https://cdn1.readspeaker.com/script/9880/webReader/webReader.js?pids=wr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4eb0a2f8a34a1f06eab13b96ab30ebb4752f64acf7acf29fbf7eca7a5cd0c6aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
etag: W/"120bb-621fd1037a547"
x-77-cache: HIT
access-control-allow-methods: GET
expires: Sat, 14 Sep 2024 11:23:50 GMT
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: text/css
x-77-nzt-ray: 0f63d4194ab5b66cc3ae0e67803e6405
vary: Accept-Encoding
last-modified: Fri, 13 Sep 2024 09:44:02 GMT
access-control-allow-headers: sentry-trace
x-77-nzt: EgwBbT1b5QH38VoAAAwBnJI73wG3nQEAAA
cache-control: max-age=86400
access-control-allow-origin: *
x-77-pop: ashburnUSVA
x-77-age: 23281
server: CDN77-Turbo

GET
H2 200 section-bg-1-da6d767e.svg
mrnussbaum.com/build/assets/ 616 B
991 B 228ms
227ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/build/assets/section-bg-1-da6d767e.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/build/assets/app-48c3b199.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: da6d767ece627f79d206948915723f6553e3745cd5c2bbe8686eedc8b7867b5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/build/assets/app-48c3b199.css

Response headers

cache-control: max-age=315360000
etag: "66a637a4-268"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 616
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 section-bg-2-9c3aa11d.svg
mrnussbaum.com/build/assets/ 715 B
1 KB 226ms
225ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/build/assets/section-bg-2-9c3aa11d.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/build/assets/app-48c3b199.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 9c3aa11dc1eb48a7fde91003a651bad8b8042adc4df03ce57c4f9d115026be16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/build/assets/app-48c3b199.css

Response headers

cache-control: max-age=315360000
etag: "66a637a4-2cb"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 715
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 icomoon-93b7a32f.ttf
mrnussbaum.com/build/assets/ 16 KB
16 KB 213ms
212ms Font
application/octet-stream 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/icomoon-93b7a32f.ttf?9yoq921
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/build/assets/app-48c3b199.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 93b7a32fc88658a7577131fee009f87725c57e2b2fa27883ba4c7020c142b547

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/build/assets/app-48c3b199.css

Response headers

cache-control: max-age=315360000
etag: "66a637a4-3e9c"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16028
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: application/octet-stream
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 PlusJakartaSans-Regular-856ac8f8.ttf
mrnussbaum.com/build/assets/ 92 KB
93 KB 215ms
214ms Font
application/octet-stream 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/build/assets/PlusJakartaSans-Regular-856ac8f8.ttf
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/build/assets/app-48c3b199.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 856ac8f8014b97ec80c73ac48dd91c4ec99f436b2862511c8dfdcab190a6579d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/build/assets/app-48c3b199.css

Response headers

cache-control: max-age=315360000
etag: "66a637a4-17168"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 94568
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: application/octet-stream
last-modified: Sun, 28 Jul 2024 12:20:52 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/ 89 KB
31 KB 215ms
96ms Script
text/javascript 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4019829481923751

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a37e70b789bbf412f1be4a4771fc082e474d5bcf6c537310c9dad12001c6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
etag: 18185351159486948865
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 31854
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/ 421 KB
140 KB 231ms
112ms Script
text/javascript 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4019829481923751

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33857d0e5badae0a15fb96ba4822bf041d6308037ed3e8b458c35e77d6a6592d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
etag: 10032212729837470389
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 143773
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 168ms
57ms Fetch
text/plain 2607:f8b0:400d:c0b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VDR2GGLCWK&gtm=45je4a90v887128898za200&_p=1729015490604&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533422~101686685&cid=218224693.1729015491&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729015491&sct=1&seg=0&dl=https%3A%2F%2Fmrnussbaum.com%2F&dt=MrNussbaum.com%20-%20thousands%20of%20educational%20games%20and%20activities%20for%20grades%20k-8.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1409
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDR2GGLCWK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mrnussbaum.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 91c80d77.js Show response
cdn.svgator.com/ply/ 42 KB
13 KB 474ms
192ms Script
application/javascript 3.171.139.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.svgator.com/ply/91c80d77.js?v=2022-05-04
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/build/assets/app-1da39e71.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.139.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-139-15.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49df5c03a2c49c77059cf8f40f84c4c921a7b40fa8b5d94b680b80aabf5d3228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

vary: Accept-Encoding, Origin
cache-control: public,s-maxage=2592000,max-age=3600
content-encoding: gzip
x-amz-version-id: ojTPi00wMda2OV6JAfRLAHx3CuXe2Yr0
etag: W/"6ce60bad4a97cc9e50d217b0c2d159ed"
age: 893194
via: 1.1 0f73566e099d1b7819d92fde74c3925e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: HFuHqmixrlOOc4DVGUEQSZeVdweha7gwAeeWIXQz9sTXo9Vbdfckrw==
date: Sat, 05 Oct 2024 09:58:18 GMT
content-type: application/javascript
last-modified: Thu, 05 Sep 2024 08:40:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P8
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 adds.svg
mrnussbaum.com/images/benefits/ 5 KB
6 KB 36ms
29ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/adds.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 17749e666d27080faea8646523cad255c6b4cab3e038ea574deb5a152ce83981

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-1597"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5527
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 activity.svg
mrnussbaum.com/images/benefits/ 7 KB
8 KB 35ms
28ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/activity.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 8911b5b65ac777dccd7fecffd70a5bb4c5db8ce62c3a76629dfb1c4fd539e66b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-1de3"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7651
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 additional.svg
mrnussbaum.com/images/benefits/ 5 KB
5 KB 36ms
31ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/additional.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: a87a019856a9f8789c00156a505579d5ec3f6b97f41e5beb579aa108e042f9b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-12a6"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4774
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 student.svg
mrnussbaum.com/images/benefits/ 3 KB
3 KB 35ms
30ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/student.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 75a6cc75d289a99089449834ba4c2520991048c7762e382e012d5d7e5324e402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-b58"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2904
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 google.svg
mrnussbaum.com/images/benefits/ 8 KB
9 KB 47ms
43ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/google.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 2c66c46bf8d48a8ded2756a212a65e5484af3dfae5d3bb2de57ab95ff82fb278

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-214a"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8522
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 reading.svg
mrnussbaum.com/images/benefits/ 10 KB
10 KB 50ms
45ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/reading.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 9ba63adf552bfd8d95e0b0af6a2bbc8feeec5844771ce4ff1d32a1c3c46acdbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-266d"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9837
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 makers.svg
mrnussbaum.com/images/benefits/ 10 KB
10 KB 50ms
46ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/makers.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: df1161a818b87594ef3f773d22ec2bfcfa338562f0408cddef02d346f03355b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-2708"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9992
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 tournaments.svg
mrnussbaum.com/images/benefits/ 11 KB
11 KB 52ms
48ms Image
image/svg+xml 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/images/benefits/tournaments.svg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 4aa7774dbddd72410fdca949c4ec131f0239358e3a1ebd73c6f8aa43a4d998a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65cb6ae2-2a62"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10850
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Feb 2024 13:13:06 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 5dc1b59ef6cb71217cbfb0e7e5bdef1b.jpg
mrnussbaum.com/storage/uploads/activity-images/ 118 KB
118 KB 54ms
50ms Image
image/jpeg 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/storage/uploads/activity-images/5dc1b59ef6cb71217cbfb0e7e5bdef1b.jpg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 563ae25b04b41e7537f883a7a9b36db2922ab8fa7c5e36c79fba5f9264cab89c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "5f7fa5f6-1d7b4"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 120756
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/jpeg
last-modified: Thu, 08 Oct 2020 23:51:18 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 8781ae52dfed46909f76c3496d8edce6.jpg
mrnussbaum.com/storage/uploads/activity-images/ 8 KB
8 KB 141ms
137ms Image
image/jpeg 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/storage/uploads/activity-images/8781ae52dfed46909f76c3496d8edce6.jpg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 7323173732b757f57ee95fb680e28dff6a94387a451e6a3c9fefc3f61f316a7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "5c4c9464-1f38"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7992
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/jpeg
last-modified: Sat, 26 Jan 2019 17:09:56 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 5c2277ca81f5d56d9fe7c9b28aa31fa5.jpg
mrnussbaum.com/storage/uploads/activity-images/ 18 KB
19 KB 157ms
154ms Image
image/jpeg 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/storage/uploads/activity-images/5c2277ca81f5d56d9fe7c9b28aa31fa5.jpg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 793f0c9435045dab84c9bb403b5b4c680df35ac7f872a2e098fb4b22d03028e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "5c65cfb8-49d6"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18902
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/jpeg
last-modified: Thu, 14 Feb 2019 20:29:44 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 8726acdf12c46ba8f946943e8bc9a38c.jpg
mrnussbaum.com/storage/uploads/activity-images/ 36 KB
36 KB 160ms
157ms Image
image/jpeg 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/storage/uploads/activity-images/8726acdf12c46ba8f946943e8bc9a38c.jpg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: af4b49e453c7c1142350ea893e8e5f43ba3c1eda80f5741be595dd79889d988f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "5c6a2408-8fcd"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36813
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/jpeg
last-modified: Mon, 18 Feb 2019 03:18:32 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 5b9da9723c9eb73a616f91f4ef3a91d3.jpg
mrnussbaum.com/storage/uploads/activity-images/ 43 KB
44 KB 174ms
172ms Image
image/jpeg 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrnussbaum.com/storage/uploads/activity-images/5b9da9723c9eb73a616f91f4ef3a91d3.jpg
Requested by: Host: mrnussbaum.com
URL: https://mrnussbaum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 00ebacbc731b3e8ed9abad8ebaa0fc7f254ccfb7ae5787d246b00b9107370f21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "5c539da2-ad1f"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44319
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: image/jpeg
last-modified: Fri, 01 Feb 2019 01:15:14 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 242 KB
61 KB 444ms
216ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js

Requested by

Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-3c72d"
age: 428086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m12GaA2cRNUcQvZEkRXZ91Uf82ur8Qj%2BawtNP8sAoi6XogBSTbXUbXfG8r4z7hcHI0M9o5ONVOhmfJe%2FHwEnqYD52HDfuufDnDX1Z3TxPQrVe0G5RAuLxT5pxMSUD7cq%2BHj4tKFtg4GVZC87zjtR4TYf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 05 Oct 2025 18:04:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 18:04:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d31bbe8ae650f8f-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61737
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/ Frame 4A2E 0
0 495ms
65ms Document
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 37682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 07:36:50 GMT
etag: 13108003645644964576
expires: Tue, 29 Oct 2024 07:36:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 08CA 0
0 1486ms
1070ms Document
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4019829481923751&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729015491&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmrnussbaum.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729015491132&bpp=12&bdt=557&idt=589&shv=r20241010&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2879908555086&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343853%2C31087658%2C31087804%2C31087892&oid=2&pvsid=4211743777962000&tmod=428387391&uas=0&nvt=1&fsapi=1&fc=1920&brdim=310%2C310%2C310%2C310%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=610

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 58449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 18:04:52 GMT
expires: Tue, 15 Oct 2024 18:04:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame C8D9 0
0 1526ms
1135ms Document
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4019829481923751&output=html&h=280&slotname=6804893836&adk=1459381805&adf=2956000271&pi=t.ma~as.6804893836&w=962&abgtt=6&fwrn=4&fwrnh=100&lmt=1729015491&rafmt=1&format=962x280&url=https%3A%2F%2Fmrnussbaum.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729015491144&bpp=9&bdt=569&idt=616&shv=r20241010&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2879908555086&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=319&ady=260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343853%2C31087658%2C31087804%2C31087892&oid=2&pvsid=4211743777962000&tmod=428387391&uas=0&nvt=1&fc=1920&brdim=310%2C310%2C310%2C310%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=625

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 18:04:52 GMT
expires: Tue, 15 Oct 2024 18:04:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 258ms
256ms Fetch
text/html 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4019829481923751
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://mrnussbaum.com/

Response headers

GET
H3 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 39ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb04015-4041"
age: 429231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbRW1GaBaQ1lbk0jG3Lei7syHiC%2F1bF6rBdtb%2BuGILLtUqw55SCg4pP0eRUWVd9UJCAkTk2oAK8R5XMWqKI%2BjQcJ5%2F3GIUsolvxnds9MSGbj7sSAjP85k8l0Ly3hcKCL1pJYtsGUvXe5SLAN%2F%2BdjyPbr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 05 Oct 2025 18:04:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 18:04:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d31bbeac9360f8f-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5303
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
994 B 176ms
48ms Script
text/javascript 2607:f8b0:400d:c0b::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcb178570d83f5ad5dd5e1e3b431034705f2e7be384c3788d15e0a255ea3fd9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 15 Oct 2024 18:04:52 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 546 KB
216 KB 127ms
38ms Script
text/javascript 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mrnussbaum.com
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
age: 471892
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 07:00:00 GMT
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220951
x-xss-protection: 0
server: sffe

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/ 172 KB
58 KB 107ms
107ms Script
text/javascript 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4988c70075f8ac5439d334ef2883ac9763af4366f8c5a722e8b51a9bbe36b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
etag: 8852920756423644834
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 18:04:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 59084
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-4019829481923751 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 388ms
72ms Script
application/javascript 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4019829481923751?href=https%3A%2F%2Fmrnussbaum.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bb4a83752d79a0613dceb16cd68ded0763a776781a8e2c5a4f0e89a300fcfa5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dQ7Mc54w07ykRmmNgRjwDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAcvbtrB5vAi2tXjzApaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJroGZjEFxgAAGPySy0"
content-security-policy: script-src 'report-sample' 'nonce-dQ7Mc54w07ykRmmNgRjwDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 signup-form-widget.css
static.ctctcdn.com/js/signup-form-widget/current/ 36 KB
4 KB 92ms
91ms Stylesheet
text/css 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.css
Requested by: Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 449
expires: Wed, 15 Oct 2025 17:42:49 GMT
cf-polished: origSize=51270
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 18:04:53 GMT
content-type: text/css
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=900, public
cf-ray: 8d31bbf18e5c0f93-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 614cc329124984e4121b5f7b98bcc9a4.json Show response
listgrowth.ctctcdn.com/v1/ 3 KB
2 KB 359ms
71ms XHR
application/json 3.162.103.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listgrowth.ctctcdn.com/v1/614cc329124984e4121b5f7b98bcc9a4.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-31.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7723dca3c349c9b7b16498aaff40ea19be9b4051a8cc8c6c591ee99f2b2158a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: recaptcha-key
content-encoding: gzip
x-amz-version-id: _idMj3N5vO8jlc.VSty8M.aVQAr3WRfc
etag: W/"193d19e1f54e9d997ba208bc1ca8ac93"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: KcfCKB3VvBl-hsiwezsSB4_TBavQWWy_LbrlrecwFVkyJ4tJfMUAXQ==
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: application/json
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 05 Sep 2024 12:49:42 GMT
x-amz-id-2: 4jmOVhNa6jwixYO4VJYTZp8zZMGkA/jzJoV4zKbwt5JDcWC7ogPa57Wz1NIguIIMwzTZxYGO5wY=
x-amz-replication-status: COMPLETED
cache-control: max-age=5
recaptcha-key: 6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
via: 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
x-amz-request-id: 0E5FD18Z0J8E4Y5P
access-control-allow-origin: *
x-amz-cf-pop: IAD61-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 298ms
98ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HbDIopk62Mr4rSHmmqXX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIib49jdXTvYBGZsXyam5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQxN9AzM4wsMAJ_wLt8"
content-security-policy: script-src 'report-sample' 'nonce-HbDIopk62Mr4rSHmmqXX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXhLF7ABizIjGqX-OdNgTRyFWXQyPqETG2fvTxN9k3M5y0Vtgluyg9WObWJhq4lwVTuHRIEH3VvCv5tRGhqQpwYmZNITBItACoqAnk5aY6GHgiM0hQW62TvMMSRc5vWYkiPXi2-gQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 115ms
114ms Script
application/javascript 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXhLF7ABizIjGqX-OdNgTRyFWXQyPqETG2fvTxN9k3M5y0Vtgluyg9WObWJhq4lwVTuHRIEH3VvCv5tRGhqQpwYmZNITBItACoqAnk5aY6GHgiM0hQW62TvMMSRc5vWYkiPXi2-gQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDE1NDkzLDgwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tcm51c3NiYXVtLmNvbS8iLG51bGwsW1s4LCJaTHBkUFZpaEt0RSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f69e456e0e7c7f832a231adf92b2637230b9f4fdff302620a77d27bdc4bf08c8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZKnO5gAFIt3kM3ptsRx00Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAcvbtrB5vAgsc7pzAraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJroGZjEFxgAAE4TSqo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZKnO5gAFIt3kM3ptsRx00Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/ Frame A859 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241010/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 37682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 07:36:50 GMT
etag: 13108003645644964576
expires: Tue, 29 Oct 2024 07:36:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVWMaxiwPl2jilWiBZbVaxACVn5hIJFAGu6VwtPuFvl_Cvx4SfLW5qY7e1nYgpAq3iYjcwVGByEkzIESDRW5lTDhpiZG5YX5kWH46T48hi6DyVTzEeptx_YFhEgG8sFm4ppSsj2cQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 70ms
70ms Script
application/javascript 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWMaxiwPl2jilWiBZbVaxACVn5hIJFAGu6VwtPuFvl_Cvx4SfLW5qY7e1nYgpAq3iYjcwVGByEkzIESDRW5lTDhpiZG5YX5kWH46T48hi6DyVTzEeptx_YFhEgG8sFm4ppSsj2cQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDE1NDkzLDkyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbXJudXNzYmF1bS5jb20vIixudWxsLFtbOCwiWkxwZFBWaWhLdEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

064547b75c8c1a47b654d26635185d5ac98fe0f331ee352c21ed05882e509436

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-egVXyKHzxeoznYjUJcLFkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAcvbtrB5vAgpfN55mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE30DEziCwwATyFKtA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-egVXyKHzxeoznYjUJcLFkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adiframe Show response
fundingchoicesmessages.google.com/f/AGSKWxV-Ko2XQJhMAQeBfDOgl3wq96ssOPHFknuerdjzeV0Pw0AKyOsZtCfENj5yVtH4pG5oXmaDFFWmzCvxttPX_RlLJ0MXybvGW-W31ucW_XtNH-0gPeq5ZVHWcAIZRvGhsG4v57w84mA33IjlAHIrJ9A2dlgLE... 54 B
109 B 55ms
54ms Script
application/javascript 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-Ko2XQJhMAQeBfDOgl3wq96ssOPHFknuerdjzeV0Pw0AKyOsZtCfENj5yVtH4pG5oXmaDFFWmzCvxttPX_RlLJ0MXybvGW-W31ucW_XtNH-0gPeq5ZVHWcAIZRvGhsG4v57w84mA33IjlAHIrJ9A2dlgLE_IwD1sL-ctZ-X88MuuYGEJzQr3PvQPQ/_/adborder./adiframe??wppaszoneid=/adspi.-small-ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwkS_3mAi7f8mEi1C0TCXXBMVFQQw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0f4b709c130d9d54f9160b50510063b834dcc6a293b8f0bdc781988156f6851

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GM_0Qt338J6H5w34maKULw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJicNWQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcBy7u2sHm0DD8ecbmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfQMTOILDADAZE--"
content-security-policy: script-src 'report-sample' 'nonce-GM_0Qt338J6H5w34maKULw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
26 KB 52ms
52ms Script
text/javascript 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4470800cfc08b893c6c1a9bf5ea90eed6200df46e5649f7563512d93eace7f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: br
etag: 2101037659935550848
age: 2730
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:19:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 15 Oct 2024 17:19:24 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26638
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_dK0RzwgAwxrqBoOmjJSJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBBasX7aRScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAA4b0vfA"
content-security-policy: script-src 'report-sample' 'nonce-_dK0RzwgAwxrqBoOmjJSJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
78ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u_PzMjiUVMViJxMiJ3J-WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBD4s3HGKScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAAAVov6Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u_PzMjiUVMViJxMiJ3J-WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 96ms
95ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3ZWO87jyHpTJHD7Zyhf8jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBDp-TrrFpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfQMzOMLDADypS-8"
content-security-policy: script-src 'report-sample' 'nonce-3ZWO87jyHpTJHD7Zyhf8jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 104ms
104ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qhfGsjofjFo39iGxOL-KJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBDouTb7HpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfQMzOMLDADpQC-b"
content-security-policy: script-src 'report-sample' 'nonce-qhfGsjofjFo39iGxOL-KJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWkZzuPSfIdgwkqiJPFCTiw_5thTLEd_RYSGwyhggAOmpna4G2M9_P7avy2sYDSwFcIMBE6hDxdh7LUJzTb6S7dx1JPF5ssuMheeKMmdGCmvQu9hgxiUYeIQf5JxigcoAICukQ6yQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
87ms Script
application/javascript 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkZzuPSfIdgwkqiJPFCTiw_5thTLEd_RYSGwyhggAOmpna4G2M9_P7avy2sYDSwFcIMBE6hDxdh7LUJzTb6S7dx1JPF5ssuMheeKMmdGCmvQu9hgxiUYeIQf5JxigcoAICukQ6yQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDE1NDk0LDY3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tcm51c3NiYXVtLmNvbS8iLG51bGwsW1s4LCJaTHBkUFZpaEt0RSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8381c61aa2a23eb3fd3b0469241f8543573aca00dcb19ef7c543bdf7dea6e3e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GO35Yqnonrqqn2E3jJC0ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XAcu7trB5tAx-11V5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE30DEziCwwAUq5KwQ"
content-security-policy: script-src 'report-sample' 'nonce-GO35Yqnonrqqn2E3jJC0ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV1_GTLKQjmYaxqkkjxrRNGPLbnSlLoX2cagm2AxT0o01t-aIDFmqJQTrof4GBp7fguW0o0C6Wa-RvxPkwM0Vm4ZP3QFcYVfNzK2qcmfQlDdE6KTRis-7wJq9h6A5iYu2E2spzw4g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
53ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1_GTLKQjmYaxqkkjxrRNGPLbnSlLoX2cagm2AxT0o01t-aIDFmqJQTrof4GBp7fguW0o0C6Wa-RvxPkwM0Vm4ZP3QFcYVfNzK2qcmfQlDdE6KTRis-7wJq9h6A5iYu2E2spzw4g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ehBxACVyoci5EysM4bucwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBBY8WveHScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAADYowDg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ehBxACVyoci5EysM4bucwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 223ms
222ms XHR
text/html 2607:f8b0:400d:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVzuBKPRB-ZuKOD3vsr9z7R4LBnsZXGpCjZHWboMp4VZL5UjAA0uSMWRNZylMDLXfV83-ghsm3J6tlhJps7XVvN0cFrJtRBoOlXGRDU-W55kjz647JdE9a2n6tTV8E2vc5-Dxz2IA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G-nJf773Pu4reonNAx1Row' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mrnussbaum.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH49jdXTvYBDraznQzK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwNDEz0D8_gCAwDQOC8-"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G-nJf773Pu4reonNAx1Row' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mrnussbaum.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 225ms
225ms XHR
application/json 2607:f8b0:400d:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241010&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e1bb4a428b866f5dc2bb95342ba2fc6462dcbe87483a02aec9638f8463af26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12881
date: Tue, 15 Oct 2024 18:04:54 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon.png
mrnussbaum.com/ 1 KB
1 KB 66ms
64ms Other
image/png 45.33.70.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrnussbaum.com/favicon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.33.70.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-33-70-113.ip.linodeusercontent.com
Software: nginx/1.25.5 /
Resource Hash: 407082fa11bfe2a53161c5dfd3ab7620e633f84c805222078ced13a0cd5c7742

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

cache-control: max-age=315360000
etag: "65304bce-449"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1097
date: Tue, 15 Oct 2024 18:04:54 GMT
content-type: image/png
last-modified: Wed, 18 Oct 2023 21:19:10 GMT
server: nginx/1.25.5
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 268ms
59ms Script
text/javascript 2607:f8b0:400d:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mrnussbaum.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 18:04:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 18:04:55 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame FDB9 0
0 37ms
37ms Document
text/html 2607:f8b0:400d:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 17:42:03 GMT
expires: Tue, 15 Oct 2024 18:32:03 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 4211 0
0 157ms
45ms Document
text/html 2607:f8b0:400d:c0b::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LIhS5gLLMfmobswMkBmiNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrnussbaum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LIhS5gLLMfmobswMkBmiNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 18:04:55 GMT
expires: Tue, 15 Oct 2024 18:04:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241010&jk=4211743777962000&bg=!PD-lP3DNAAaUWUsktFk7ADQBe5WfOPetL7ayHphIZ_4Q3rvWYIXwyXuXsuL6Nzrqy1VfIr60j2-TbbwOjf9tolcs4shEAgAAAEVSAAAABmgBB34ANm2MOwZr3ruG-5AEqRyNSd1siNKDhNbvvBE6Ny77-rbHYnokXy3Eilu8c5h3P_wQphtQxk7pzgoArOx_6uuOAFmkROmVAJFT543SyUuJZaqDMyDyQJ8A9lqp2DBz7cwaoFEi1swEyQLjWy1HyzHnJQZ4ccd30ambp2_beAUcV2mzsDAYsaFuuwbS4RVp9CI8PxU2kB-mAdZ1bBGQMzI1kIgnS3A5Wl26xjigktu107IdZh871fll6ehHRbMtIEOaLSm61xbYYpWyOcFpVw3cH8QYlrdadnwZyvj4srk6o_U-GBdOajSZApEg5GbGvpTmxM42W7ypjhWtNGmb49Bhn3LvIwQHsvDXPNEYQ-THgbvTxuxR5HZLuZjV2vHYOEmtgyjQ8-43771bUV4jZ_bE1UJBrvVa64AWBNTEeTEJ8kW7NBn9tAtjZNWtp2vbUPNtDeR8UY7mG5MBpwHFm7gomkQGTUdfj4WpkImaHFvvcChLzoDrzbYlrghAIQgVeZXM-7_aTzcpvALm907ZlRCEjFycSsv6KdnlkYsjsJQLAmf2L1_dNWruMnX_bilbe1OC8n1lME4uoHP8h9Z-1g5-duxOkiBR7MbxUHOTjadcY3NH81Z1C8KzjsakwFCQZfb_9D2XhcX9foYvDg1o-BkmZMhwMxFcDip16sZIypCXdAVkg1tA-QVi6rAqzaoaE7DdeKJNbo-EESEdAjtnG_r_znMJdF5HcqP8gKNYRosgegN8Jp0SzkwZX5Ff1-nX36juSATc--GjtWI1k07T8OslsXYrD2_80UTv60jcNvKy2kIdXxTSwPkQwEvC8xh-VbZq26oSX_2sV05zqdZTH74RZIzR2qVzedjOb_JkX9de553NOxYtbq9Swy5QXinpBv284_oPDBRpbzpPNakn9iqncDkQ1kUq0xiUg2wQYcVuVYcg-Dp6hfQImKcFSAYYTwxr7YZBvdHDxNjn8h3aCa2WbygV6mXMpKvN-ee4IhojkfU8Pkc4Lg5pzFqqC83uRl-s52DOU77ebkf2D3j5IsPtwPVJSCJIxQh2aPLtclTld5gzq6FVzuoSOJoilbmMB1zYWliODUB7fzG17RmeSZRoISwPJpozE4B_mtQ9uTW_uVSDszV9b5PzPRi7F_Hab4hmON1-mHVTGLlYp4ZecpkOqzpLmZQCYt_0Rvs

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mrnussbaum.com/	1970-01-21 00:17:02	Name: XSRF-TOKEN Value: eyJpdiI6IjNaZkw2bkxwR0FxOGI3a0xGR1VyNUE9PSIsInZhbHVlIjoiSm9sak5zeVRrWWNqZFF0ek1qTS9NRUZUWm9sVnJiQ0xIVTI3emFrb1BIeC9Vdkk3QVBRQXUvWTNtSlFGcTdLc0dUc2VubWFUcVZSSXQ2WDh2ZStjQ3Mzb1pQYnN3ZmJJV1lJSitOY1M2ZW03VnFhNi9ZVitDQkhnRFhwaWpMQkMiLCJtYWMiOiJlZmNiMzJkNTRkMDE2NWY0ZjhjMzRmYmZhYmY4YTQxYjQ5MGE3NDFiYjMwOTQ3MjlmYTc0ZDI5MWVkN2IzODYzIiwidGFnIjoiIn0%3D
mrnussbaum.com/	1970-01-21 00:17:02	Name: mr_nussbaum_session Value: eyJpdiI6Ilg5eUVKeWt3dmd5a3hQd0ZiSDJabmc9PSIsInZhbHVlIjoiUUZMdHFGeC85cnNTS0ZIN2k0ejRKaFJ3c1BZWkZlK0FaM2hTbnpLUGpoMHVUWFVOK2VoMWZxcVBybHFqdjBvSmkwSHlmZE41MmQ1NlRTbDYyMFNRTVo4QUwrRTl0UmxDd1RYS3VrU2gxdC9kOCthVlhqQ2VKTmtIWTJCbld1RFciLCJtYWMiOiJkZmE1YmQ0NTEwNDcxM2YwMGM3NTQ2YmU5N2ExNzI4NzEwN2UxMTFiZWRjYWM1YzI3NjJmMzlmZjY5ZmM5ZmMyIiwidGFnIjoiIn0%3D
.mrnussbaum.com/	1970-01-21 09:52:55	Name: _ga Value: GA1.1.218224693.1729015491
.static.ctctcdn.com/	1970-01-21 00:16:57	Name: __cf_bm Value: L.6K0Fr2c2EI.uLXYMLnUWgGRdqeyHaTI5bSDgDiMKc-1729015491-1.0.1.1-DtZWmtUfPYftMTD6uZ_mXaiv.SozeLyVJZ6kp5_pk4o3w1k1_bHQodZ_xt2qty.DpM5E0I.ZUr56STu6anV5qw
.doubleclick.net/	1970-01-21 00:16:56	Name: test_cookie Value: CheckForPermission
.mrnussbaum.com/	1970-01-21 09:38:31	Name: __gads Value: ID=7344f716228d7e28:T=1729015492:RT=1729015492:S=ALNI_Mb6-A6SPoFvHZn-Cr4H2D0Q0p0osQ
.mrnussbaum.com/	1970-01-21 09:38:31	Name: __gpi Value: UID=00000f29d78ff0e2:T=1729015492:RT=1729015492:S=ALNI_MaU98XW71I5E7Q-JM0k5Kc0iMkeKQ
.mrnussbaum.com/	1970-01-21 04:36:07	Name: __eoi Value: ID=273b6c956edc92e6:T=1729015492:RT=1729015492:S=AA-AfjZ_82RCHPstfN8RMYLgy65S
.mrnussbaum.com/	1970-01-21 09:52:55	Name: _ga_VDR2GGLCWK Value: GS1.1.1729015491.1.0.1729015494.0.0.0
.mrnussbaum.com/	1970-01-21 09:02:31	Name: FCNEC Value: %5B%5B%22AKsRol9qVldP6H2yPHJTGgv4wm-EVdUKBla-s7frbCMpEnUsurgYwrKLt1wph6wX8zH1aUMja6q8FRFZngspbmtEgCdT7fhabUTFoVs9oaxzBljIGXv7moAKGsN6tvjV-57Kiz01oZfxn3DBFDMA5_VMF-nIX--XEA%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.svgator.com
cdn1.readspeaker.com
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
listgrowth.ctctcdn.com
mrnussbaum.com
pagead2.googlesyndication.com
static.ctctcdn.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
104.18.40.153
2606:4700::6811:180e
2607:f8b0:400d:c0b::67
2607:f8b0:400d:c0b::71
2607:f8b0:400d:c0b::84
2607:f8b0:400d:c0d::61
2607:f8b0:400d:c0d::9a
2607:f8b0:400d:c0d::9b
2607:f8b0:400d:c0f::5e
2607:f8b0:400d:c0f::64
2a02:6ea0:e200::17
3.162.103.31
3.171.139.15
45.33.70.113
00ebacbc731b3e8ed9abad8ebaa0fc7f254ccfb7ae5787d246b00b9107370f21
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3
064547b75c8c1a47b654d26635185d5ac98fe0f331ee352c21ed05882e509436
0d185780ecb35fc42e787cb760a6bb4f694c007316308c07beb4a9436453e789
0db038d12df385d8feb5676a9bf8c002d5aaff1665c1203b0175675677b2c0a2
17749e666d27080faea8646523cad255c6b4cab3e038ea574deb5a152ce83981
2c66c46bf8d48a8ded2756a212a65e5484af3dfae5d3bb2de57ab95ff82fb278
2d426852cdee4ace37da1e589ecf6e50b204ed78ba158b19d634277f0c6c20b6
33857d0e5badae0a15fb96ba4822bf041d6308037ed3e8b458c35e77d6a6592d
3ec69e0520f2683ff01331c4f06f74a76dfb2f42a2ffeda2312a747cadea3171
407082fa11bfe2a53161c5dfd3ab7620e633f84c805222078ced13a0cd5c7742
4470800cfc08b893c6c1a9bf5ea90eed6200df46e5649f7563512d93eace7f39
48c3b199c14c51111a9e0434dd22488d6f42762b062438de8ad3b9e7ddbb291e
49df5c03a2c49c77059cf8f40f84c4c921a7b40fa8b5d94b680b80aabf5d3228
4aa7774dbddd72410fdca949c4ec131f0239358e3a1ebd73c6f8aa43a4d998a6
4e2fca9fd76d46ba6e0b04c41788d8a348b93ab4b72e3bc29042b86cea64848f
4eb0a2f8a34a1f06eab13b96ab30ebb4752f64acf7acf29fbf7eca7a5cd0c6aa
4f05534bde1ad88eb06c42e40a51a47c01fd826a8c8d00d30269bc9f7d9cacc5
55d6d4d035edfe70c467a1c6a3692ea65359442b22c41a802db8d0a59f724531
563ae25b04b41e7537f883a7a9b36db2922ab8fa7c5e36c79fba5f9264cab89c
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
61868673875e1f81eed9ce076195e36b443de0fcc897d01ef5cf562b8aa057e7
7323173732b757f57ee95fb680e28dff6a94387a451e6a3c9fefc3f61f316a7a
75a6cc75d289a99089449834ba4c2520991048c7762e382e012d5d7e5324e402
793f0c9435045dab84c9bb403b5b4c680df35ac7f872a2e098fb4b22d03028e6
8381c61aa2a23eb3fd3b0469241f8543573aca00dcb19ef7c543bdf7dea6e3e4
856ac8f8014b97ec80c73ac48dd91c4ec99f436b2862511c8dfdcab190a6579d
8911b5b65ac777dccd7fecffd70a5bb4c5db8ce62c3a76629dfb1c4fd539e66b
93b7a32fc88658a7577131fee009f87725c57e2b2fa27883ba4c7020c142b547
9ba63adf552bfd8d95e0b0af6a2bbc8feeec5844771ce4ff1d32a1c3c46acdbe
9bb4a83752d79a0613dceb16cd68ded0763a776781a8e2c5a4f0e89a300fcfa5
9c3aa11dc1eb48a7fde91003a651bad8b8042adc4df03ce57c4f9d115026be16
a0f4b709c130d9d54f9160b50510063b834dcc6a293b8f0bdc781988156f6851
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a87a019856a9f8789c00156a505579d5ec3f6b97f41e5beb579aa108e042f9b0
af4b49e453c7c1142350ea893e8e5f43ba3c1eda80f5741be595dd79889d988f
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
b7e1bb4a428b866f5dc2bb95342ba2fc6462dcbe87483a02aec9638f8463af26
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782
d7723dca3c349c9b7b16498aaff40ea19be9b4051a8cc8c6c591ee99f2b2158a
da6d767ece627f79d206948915723f6553e3745cd5c2bbe8686eedc8b7867b5c
dcb178570d83f5ad5dd5e1e3b431034705f2e7be384c3788d15e0a255ea3fd9b
df1161a818b87594ef3f773d22ec2bfcfa338562f0408cddef02d346f03355b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4988c70075f8ac5439d334ef2883ac9763af4366f8c5a722e8b51a9bbe36b8c
e848c05ebef93d9537e686bb58a8ccf7461bbc99c5d63da7f64ae385272363c5
e8a37e70b789bbf412f1be4a4771fc082e474d5bcf6c537310c9dad12001c6ee
f69e456e0e7c7f832a231adf92b2637230b9f4fdff302620a77d27bdc4bf08c8
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

mrnussbaum.com Open in urlscan Pro 45.33.70.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

71 %IPv6

11 Domains

14 Subdomains

15 IPs

2 Countries

2721 kBTransfer

5713 kBSize

10 Cookies

4 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mrnussbaum.com Open in urlscan Pro
45.33.70.113 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

2721 kB
Transfer

5713 kB
Size

10
Cookies

65 HTTP transactions
1 data transactions