flower.musea.blog Open in urlscan Pro
131.186.62.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://flower.musea.blog/
Submission: On November 25 via api (November 25th 2023, 4:02:56 pm UTC) from US — Scanned from US

Summary HTTP 187 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 22 domains to perform 187 HTTP transactions. The main IP is 131.186.62.237, located in Japan and belongs to ORACLE-BMC-31898, US. The main domain is flower.musea.blog.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 26th 2023. Valid for: 3 months.

This is the only time flower.musea.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	131.186.62.237 131.186.62.237	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1 2	18.180.239.81 18.180.239.81	16509 (AMAZON-02) (AMAZON-02)
2	3.114.32.147 3.114.32.147	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
5 22	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	54.248.201.65 54.248.201.65	16509 (AMAZON-02) (AMAZON-02)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	210.140.252.93 210.140.252.93	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	13.225.246.96 13.225.246.96	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	52.33.155.26 52.33.155.26	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	13.225.246.109 13.225.246.109	16509 (AMAZON-02) (AMAZON-02)
2 4	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
5	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	210.140.225.83 210.140.225.83	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
10	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	142.250.81.227 142.250.81.227	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.176.210 142.250.176.210	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2012	15169 (GOOGLE) (GOOGLE)
187	33

36 131.186.62.237 (Japan)

ASN31898 (ORACLE-BMC-31898, US)
PTR: ty10021.mixhost.jp

flower.musea.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.180.239.81 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-239-81.ap-northeast-1.compute.amazonaws.com

t.felmat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.32.147 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-32-147.ap-northeast-1.compute.amazonaws.com

www11.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www25.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:820::2002 (United States) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.248.201.65 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-201-65.ap-northeast-1.compute.amazonaws.com

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.140.252.93 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.246.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-246-96.lis50.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.155.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-155-26.us-west-2.compute.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.246.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-246-109.lis50.r.cloudfront.net

img.felmat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2004 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.225.83 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-83.newton.jp-east.compute.idcfcloud.net

dalb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net

p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.210 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f18.1e100.net

p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2012 (United States)

ASN15169 (GOOGLE, US)

p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	721 KB
36	musea.blog flower.musea.blog	773 KB
23	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	240 KB
21	gstatic.com www.gstatic.com fonts.gstatic.com p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com	165 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 q.clarity.ms — Cisco Umbrella Rank: 7495 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	382 KB
6	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	7 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	37 KB
4	valuecommerce.com dalc.valuecommerce.com — Cisco Umbrella Rank: 195422 dalb.valuecommerce.com — Cisco Umbrella Rank: 197756	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	felmat.net 1 redirects t.felmat.net — Cisco Umbrella Rank: 933280 img.felmat.net	82 KB
2	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 201406	810 B
2	a8.net www11.a8.net www25.a8.net	75 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	157 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	763 B
1	loggly.com logs-01.loggly.com — Cisco Umbrella Rank: 11623
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	394 B
1	t.co t.co — Cisco Umbrella Rank: 607	376 B
1	hatena.ne.jp b.hatena.ne.jp — Cisco Umbrella Rank: 104623	367 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 3163	7 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
187	22

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net flower.musea.blog pagead2.googlesyndication.com tpc.googlesyndication.com
36	flower.musea.blog	flower.musea.blog
22	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	flower.musea.blog pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com tpc.googlesyndication.com
13	www.gstatic.com	googleads.g.doubleclick.net
10	www.googleadservices.com	flower.musea.blog
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	q.clarity.ms	www.clarity.ms
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	2 redirects flower.musea.blog tpc.googlesyndication.com
3	dalc.valuecommerce.com	flower.musea.blog
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com
2	a.imgvc.com	flower.musea.blog
2	fundingchoicesmessages.google.com	flower.musea.blog
2	www.clarity.ms	flower.musea.blog www.clarity.ms
2	t.felmat.net	1 redirects flower.musea.blog
2	www.googletagmanager.com	flower.musea.blog
1	p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com
1	p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com
1	c.bing.com	1 redirects
1	dalb.valuecommerce.com	flower.musea.blog
1	www25.a8.net	flower.musea.blog
1	img.felmat.net	flower.musea.blog
1	stats.g.doubleclick.net	www.google-analytics.com
1	logs-01.loggly.com	flower.musea.blog
1	analytics.twitter.com	flower.musea.blog
1	t.co	flower.musea.blog
1	b.hatena.ne.jp	flower.musea.blog
1	utt.impactcdn.com	flower.musea.blog
1	static.ads-twitter.com	flower.musea.blog
1	ajax.googleapis.com	flower.musea.blog
1	www11.a8.net	flower.musea.blog
187	35

This site contains links to these domains. Also see Links.

Domain
sharks.wiki
musea.blog
beauty.musea.blog
www.facebook.com
b.hatena.ne.jp
line.me
share.shutterstock.com
t.felmat.net
px.a8.net
twitter.com
instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
flower.musea.blog cPanel, Inc. Certification Authority	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
felmat.net Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.valuecommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-31` - `2024-09-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
utt.impactcdn.com GTS CA 1D4	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.imgvc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-13` - `2024-10-13`	a year	crt.sh
*.b.hatena.ne.jp Amazon RSA 2048 M01	`2023-09-23` - `2024-10-21`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2023-03-25` - `2024-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://flower.musea.blog/
Frame ID: 4342352854B6BF928D00DA2FFEBB6B8B
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: AA4182597ECCFFB7D524B1B310F6E42A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&adk=1812271804&adf=3025194257&lmt=1700928148&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148040&bpp=4&bdt=887&idt=350&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6751467919149&frm=20&pv=2&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=491
Frame ID: 6EFAC9D06F6AEBCCB3E503F0327B6D95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=1780485171&adf=4286768824&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148071&bpp=4&bdt=918&idt=491&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=514
Frame ID: E6D0A754FE3B69DF8D2594AF2521010D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647
Frame ID: 464D00315CDEE91E2D71743170CC2917
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=600&slotname=9345167437&adk=3477218147&adf=3245573437&pi=t.ma~as.9345167437&w=300&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=300x600&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148077&bpp=1&bdt=924&idt=681&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=686
Frame ID: 965442FAD08334FD02D67BC148CD99B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=3217087521&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148081&bpp=1&bdt=928&idt=705&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=718
Frame ID: 31623200352870F2146AFBF3587A53BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=1319271191&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148088&bpp=1&bdt=935&idt=719&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=726
Frame ID: 16C1A4DA3869041A3FF624902BF879E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=4214286397&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148092&bpp=1&bdt=939&idt=749&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=757
Frame ID: 7C90DEA9D4EDA38971742CACEFF0472F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=4225111724&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148097&bpp=1&bdt=943&idt=765&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=771
Frame ID: 1AFC17BD2E1CB877B9CCD2DB30EEA253
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=4120760919&adk=1391935854&adf=1647318001&pi=t.ma~as.4120760919&w=727&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=727x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148101&bpp=1&bdt=948&idt=824&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=588&ady=4242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=828
Frame ID: 31A37B2E5DA2B396038A63DA9665ACB4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C40E97442FD5DA46F8A7861EFD02CF91
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 98AE5723CEE975B235CA24A9BDE8B130
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 54912751E9929B3E04526BA226ECD703
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B3174D28588EAEBD6934F40D87D68CA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: E9E4A7F0C756E2D52E79192BF628D4E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 5ED255A2072600E2A5D28CE047EF1ADD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 3A5089C6FE9CA0BF022EF18EEFB87372
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 62FAF283D8146FE02ABF72ED266EC4A1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B58641BB5B6E686F9779D99A0D488C40
Requests: 2 HTTP requests in this frame

Frame: https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 462FCD79A5B935A1ACF9FF33CFA7DE0E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 72E017EDAE804E3D80E50A3B2082D65B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 3F3DE76225DF807DB8C8A9EE88221EE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 0E121A2119BB703D1B689EEC90CF4647
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49B776F006021879C9AA1218D259B142
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C75CF6DB2D0CEB2A29AFE12EDA18D48
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

お花のブログ - お花 - MUSEA BLOG（ミューゼアブログ）

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

187
Requests

96 %
HTTPS

45 %
IPv6

22
Domains

35
Subdomains

33
IPs

2
Countries

2725 kB
Transfer

6555 kB
Size

25
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://sharks.wiki/
Title: <img src="https://flower.musea.blog/wp-content/uploads/2021/02/sharks-wiki-banner.jpg" alt="サメの情報メディア『サメwiki』" width="320" height="100" class="alignnone size-full wp-image-3234" />

Search URL Search Domain Scan URL

URL: https://musea.blog/category/shark/
Title: サメブログ

Search URL Search Domain Scan URL

URL: https://musea.blog/category/travel/
Title: 旅行ブログ

Search URL Search Domain Scan URL

URL: https://beauty.musea.blog/
Title: 美容ブログ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=bm&u=https%3A%2F%2Fflower.musea.blog&t=%E3%81%8A%E8%8A%B1%E3%81%AE%E3%83%96%E3%83%AD%E3%82%B0%20-%20%E3%81%8A%E8%8A%B1%20-%20%20MUSEA%20BLOG%EF%BC%88%E3%83%9F%E3%83%A5%E3%83%BC%E3%82%BC%E3%82%A2%E3%83%96%E3%83%AD%E3%82%B0%EF%BC%89
Title: Share

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/
Title: Hatena

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%E3%81%8A%E8%8A%B1%E3%81%AE%E3%83%96%E3%83%AD%E3%82%B0%20-%20%E3%81%8A%E8%8A%B1%20-%20%20MUSEA%20BLOG%EF%BC%88%E3%83%9F%E3%83%A5%E3%83%BC%E3%82%BC%E3%82%A2%E3%83%96%E3%83%AD%E3%82%B0%EF%BC%89%0Ahttps%3A%2F%2Fflower.musea.blog
Title: LINE

Search URL Search Domain Scan URL

URL: https://share.shutterstock.com/museainfo
Title: ・画像の購入はこちら

Search URL Search Domain Scan URL

URL: https://t.felmat.net/fmcl?ak=U4061N.1.683354I.X79653L
Title: キャンペーン

Search URL Search Domain Scan URL

URL: https://t.felmat.net/fmcl?ak=U4061N.1.L94632X.X79653L
Title: <img src="https://t.felmat.net/fmimg/U4061N.L94632X.X79653L" width="300" height="250" alt="" border="0" />

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3HDXE8+4JQVAA+3GBU+NVWSH
Title: <img border="0" width="300" height="250" alt="" src="https://www25.a8.net/svt/bgt?aid=210601808275&wid=031&eno=01&mid=s00000016113004012000&mc=1">

Search URL Search Domain Scan URL

URL: https://twitter.com/rock_miu

Search URL Search Domain Scan URL

URL: http://instagram.com/rock_miu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@shark-activist-reino

Search URL Search Domain Scan URL

URL: https://musea.blog/profile-reino/
Title: プロフィール

Search URL Search Domain Scan URL

URL: https://musea.blog/blogger-info/
Title: 運営者情報

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://t.felmat.net/fmimg/U4061N.L94632X.X79653L HTTP 302
https://img.felmat.net/4061/4061-1615271821.6256-4.png

Request Chain 139

https://googleads.g.doubleclick.net/pagead/adview?ai=CwQAYlBpiZc_YK_6nvcAPrrGbiATvzpKwdPXxzZSVErCQHxABIMSc4iNgye6Oi8CkjBCgAdWI1_4DyAEJqAMByAPLBKoE_QFP0JTSR5kpMOKMhf2mZHH8J2J6lV7_HnklZynnjnktR7QLd3XBS9i-_QV9YUPRjvcxUHLH0cOcLCvbUUBKpibV0AjviJwOJj0XKe-LPt35E25CzXpNPrIk1Ch1xcO9sBkpI0jwNaKeVdbaMagLo2ohQqepdqe7xioGIQctLTgNqgTLlX3KPAoB85iZ01Nq5m4tuFqTQOr-ELAn_3k1_QpbGhE7oex0mhNtAiGjNt1NLeDidFn3ORMvP4UObB6aWh9h8IAY4T6Cv_B2JCZL3luOi94-h4111kzlYqNjT6vQzQwgPBodzOuY7Da7ah34ARcZsUc8GT4wzqv498VEwATJx7yKzgSIBffnv9NBkgUECAQYAZIFBAgFGASgBi6AB5P3qAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDPsw_SCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJmQFodHRwczovL3d3dy5kZWtvcmxpZ2h0aW5nLmNvbS9zaG9wLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249MTc2MjM0MTM3NTEmdXRtX2FkZ3JvdXA9MTU4Mzk4ODgyNzYxJnV0bV9jb250ZW50PTY4MTgzNTE5MjAxMCZ1dG1fdGVybT2ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwRCgsQ8PPZifybyv3tARICAQO4E-QD2BMCiBQB0BUBgBcBshccChoIABIUcHViLTc3OTIwNTc3MzM1MjQ1NjUYAA&sigh=vohCAvpwXdg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN277XVJ3XJzJ6vn7KMNkI7gtz5i6OAXSnJcGFHBdldgwXvdrzNltSxTFFHQ7GGO6BgDcQJb7XfMhhUh1da_g0oVOznEvSjmS-iRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xca708f63d15066060000000000000000%22,%222%22:%220x8a6b995f8c4737050000000000000000%22,%223%22:%220x93ed835a6c20e1d60000000000000000%22,%224%22:%220xe4ed9a94e76f2f2e0000000000000000%22,%225%22:%220xc6feb53ad820f7cf0000000000000000%22},%22debug_key%22:%2210606955548996311873%22,%22debug_reporting%22:true,%22destination%22:%22https://dekorlighting.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070974037%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229647758362294117921%22}&andc=true

Request Chain 140

https://googleads.g.doubleclick.net/pagead/adview?ai=ChPdIlBpiZf-VNJ-UvcAPh7-emA6sr6qzdMvErZShEa4CEAEgxJziI2DJ7o6LwKSMEKABr6yLyinIAQmpAqgryq1MvTw-qAMByAPLBKoE_gFP0I5LsBVBNWJtyxhuFKtjfIFIC_8nXpyw2BsfrpOD8wl2-CuRXCzaCQfQFihcHKp7kWUHCGkwWtAlk6w_Vx61qHhd2keEZ_oDlTwFNYA7ZCdTbEI1ltw4gbGQ7tIbKrvKCnTc8KPNO_lvpwZA09OTQXCJj_xW-QTDb7WtrzW8olYp_p3Fey4nN51LYzMyglvzILGd_JajLtYkJFnXO_xco4B1RK-ICJvKoBPx-NGHFahz-1s3wi-fEtdAGh2NYAr2ZeGILRWS-NflysB9BBuYkky1iRnIlLzha26pTZ1mOlqgwrtBRey0PDuP_4K1__mZ7aN-qEIxPKmsYq4y-8AEvLmJz7wEiAWqo7nZSpIFBAgEGAGSBQQIBRgEoAYugAev5NupBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKKBA9IIFAiAYRABGB8yAooCOgKAQEi9_cE6mglWaHR0cHM6Ly93d3cua3lvc2hpbi5jby5qcC9hdGhvbWUvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249dWGACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwRCgsQkM_i4LfKq-6LARICAQO4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc3OTIwNTc3MzM1MjQ1NjUYAA&sigh=YqVhOqmn3b8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNPpUSd2aIWaplYtbFX9XGeWfnbK3kVVdhu1a-lBb1fWVIDm5tPg1BVCK1_uIcPli278sb49Zo2pJ-Krezda7CXr1sHynupVmNmBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcdb6e845781ea49b0000000000000000%22,%222%22:%220x81c4e7be003da2170000000000000000%22,%223%22:%220x34828050ab7f24e40000000000000000%22,%224%22:%220x909c2f23ef936feb0000000000000000%22,%225%22:%220xdbb26e097cf96abd0000000000000000%22},%22debug_key%22:%225314273773498317690%22,%22debug_reporting%22:true,%22destination%22:%22https://kyoshin.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211161228847%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213008647083429900513%22}&andc=true

Request Chain 141

https://googleads.g.doubleclick.net/pagead/adview?ai=CFTbdlRpiZa7UA_jLvcAP1Ka3-A2sqZfZc_WOhZuBEoLntLX5ARABIMSc4iNgye6Oi8CkjBCgAafkvKMDyAEJqQI_WWUxr5uoPqgDAcgDywSqBPsBT9C_KpQx9Hsk6o8a0NlxzA3vXHJPZzgKQT0D8Vn8ORsgwqrwfHbK1uLZ4EfNXewRm9cR_tCBnLvr_3VmbvqVLkheyeNIPy10BoHM9FBx60SHBE5qZDTr17YbQOfsJ5GycOEIv3dbp5zFfzcuF5H2d-nnL6bw3QrOlbQPGLa5JIfWpZlugRq3UtlJ5kNpc6_do__YGZVXgylALkaRivJuIsRtt5661m7JSZaiinEjIpwF4tN9X7wlZi1MjI2xthkdI29tRuGWGHP_XwPNNIjWR8O8f4qO3O2PNVsZUwnweX8K2Ez2hWkq5_GdoMv3OKsLbotAIXLfZecDlsbABLKE0_vHBIgF6cixpAOgBi6AB8Gbw1yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDI4QnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJHWh0dHBzOi8vd3d3LmhhcmR3b29kZ2lhbnQuY2EvgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwRCgsQkPaC4_Wa6r-BARICAQO4E-QD2BMD0BUBmBYBgBcBshccChoIABIUcHViLTc3OTIwNTc3MzM1MjQ1NjUYAA&sigh=-ncDPr736E0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNfJIqSOdaVliukIEPioHaae8gGqjhnuwERj4nMGAL2oQ9Bjs7fCYerkRb_KYV5l7hDubZf39ySzQBGp4M2pUxlwc5WQJF7d8JiQAYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5833f4958cbe900000000000000000%22,%222%22:%220xe0cccf076c2eb92b0000000000000000%22,%223%22:%220x5dea819116e86f410000000000000000%22,%224%22:%220x5d525b58cbd79ab20000000000000000%22,%225%22:%220xeb30676757b4d75e0000000000000000%22},%22debug_key%22:%229857255664963441208%22,%22debug_reporting%22:true,%22destination%22:%22https://hardwoodgiant.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879702567%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210856366870275545681%22}&andc=true

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://googleads.g.doubleclick.net/pagead/adview?ai=C0SWwlBpiZfnfKfCWvcAPlZeJ6Az56sq9c5bHm53XEfCW9erNOBABIMSc4iNgye6Oi8CkjBCgAaOFh6IDyAEDqAMByAPJBKoE-wFP0LLpQBAwLZGB83EpO9Gw7T-aHE-Aq_9CLx0u2hWlebNi5v-MFlWHDbRMiiZgK0CdvjFpaP3PLbaTxC_OBTYdHzswhtiH6rNdhasWgNQJj-CcfXvOZYRzrFwXMTCuUHrpBfgiP7Ql0No4a4zgTtOzVsOwJoKzs2mVXm-uBBH8HHshnrnGA4ixeAqCpn3TmYVhvOXpfvLUR5srWS1IkN7n1OXWUzJXJkMZF_yTLL1dHECqkzzYXlclTwqx6UE1UD0AKzQJw0hNdLOya6o6k4YdB_wuwDShr2COYKVY0m0MwysETjz_EPZgwhiIXV0Fg2WWRSAIq_uPXEEoQ8AEi8acxKkEiAXH36iISZIFBAgEGAGSBQQIBRgEoAYDgAfqlrSCBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIPeCtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgmUAWh0dHBzOi8vd3d3LnJhbmRzdGFkdXNhLmNvbS9lbXBsb3llcnMvZmluYW5jZS1hY2NvdW50aW5nLWJ1c2luZXNzLWFkdmlzb3J5L2J1c2luZXNzLXByb2Zlc3Npb25hbHMvYnVzaW5lc3MtYWRtaW5pc3RyYXRpb24tb3BlcmF0aW9ucy9idXNpbmVzcy1hZG1pbi-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCwtZyMysagiJcBEgIBA9gTDtAVAYAXAbIXHAoaCAASFHB1Yi03NzkyMDU3NzMzNTI0NTY1GAA&sigh=-YCQ_LY8M4o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNfzay7M7R4BTVMtSwwyYRUwMz9Uvml6Bd_wrPQeWTio_1c3X3OA2vBrx1qBMhzKNJEsUJJevZ_FI1cM_2gfvGGpsIQxhY_5I7_D0YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36efe03d0a393d420000000000000000%22,%222%22:%220xfaead6bf4d4c8330000000000000000%22,%223%22:%220xf5f90f9d3c93e66a0000000000000000%22,%224%22:%220x60adbbca96e8aed80000000000000000%22,%225%22:%220x31162d17722dbd4e0000000000000000%22},%22debug_key%22:%224768958929070683158%22,%22debug_reporting%22:true,%22destination%22:%22https://randstadusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22876724899%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212035716444171353953%22}&andc=true

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 175

https://googleads.g.doubleclick.net/pagead/adview?ai=CnFOxlBpiZfffKfCWvcAPlZeJ6AySguS1dI7y0fCeEuuEhsvCARABIMSc4iNgye6Oi8CkjBCgAcyCyskoyAEBqAMByAPLBKoE-gFP0GeSeSbPyXz6Lel4Gi1iU_rdcJeJM3friXK0mNRkRiXQnVLWiuu0JPQxRMYpIuyhzCaBcOCF-0xMRpe0fnqwhwC429ecgCjuGtPos8t_MLBZpZpBdpVh-P_l5hwqbOeJuurzdjqe-4cT9BDWwELL5nOtPb4VRde2msoae_RTPNJk2kl_-rSvuB9RJHzV2i5wGFZAPRCV7CaLKFRVeHEVIMhQj_rmH1OOcHYG2zftsTFkmXFcwSl9T8iDPeg7fA9XO7g3q9nwadPMCfcqK6WP349Pzz9snP1jVWEVnX6P5B2UKwc12tJmzJYkwe9BfLTWEB-W5wyyaCHZwASyn-yxsgSIBeeN7rVNkgUECAQYAZIFBAgFGASgBgKAB8y6mqkDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQl9oC0ggUCIBhEAEYHzICigI6AoBASL39wTqaCYQBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_aHNwYXJ0PXlhaG9vJmhzaW1wPXlocy1mbzQzJnA9YWNjaWRlbnQlMjBjbGFpbSUyMGxhd3llcnMlMjBuZWFyJTIwbWUmdHlwZT0yMDc4MjQ4MzE3NSZnX2FwPWdndDk1gAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQkOi-xJzf69t2EgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NzkyMDU3NzMzNTI0NTY1GAA&sigh=J2wJiwrogIQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNfzay7M7R4BTVMtSwwyYRUwMz9Uvml6Bd_wrPQeWTio_1c3X3OA2vBrx1qBMhzKNJEsUJJevZ_FI1cM_2gfvGGpsIQxhY_5I7_D0YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77f15f7890ed7d8c0000000000000000%22,%222%22:%220x6ffed072f70f86990000000000000000%22,%223%22:%220xe9c032752ca68cf80000000000000000%22,%224%22:%220x1c6c005d445c32e20000000000000000%22,%225%22:%220x175c99b259176cd70000000000000000%22},%22debug_key%22:%2215040226812204879314%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210891723084%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22396597202331352305%22}&andc=true

Request Chain 181

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&RedC=c.clarity.ms&MXFR=08772377FE94670D2EFD30A3FA9469C5 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&MUID=02C59A31F0C4681735A889E5F1A669A3

187 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
flower.musea.blog/ 132 KB
18 KB 2913ms
1125ms Document
text/html 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://flower.musea.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 901a09f7d190e8adcffc5eb647c491af2ef974ddee6700ed1db5ffdb310a7c8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:27 GMT
etag: "11529-1700928147;br"
link: <https://flower.musea.blog/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 860_HTTP.200,860_home,860_URL.6666cd76f96956469e7be39d750cc7d9,860_F,860_,860_MIN.093c514c9552d48c16f2a78e706dac3d.css,860_MIN.352da13a1024c91b6aa83f8f3b411d08.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
67 KB 129ms
61ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54776174-6

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2625bf77198a90dd1fc6ca19dde1cb3987c71cb51134a42262dadcdd0129fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67736
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Nov 2023 16:02:27 GMT

GET
H2 200 093c514c9552d48c16f2a78e706dac3d.css
flower.musea.blog/wp-content/litespeed/css/ 632 KB
88 KB 196ms
195ms Stylesheet
text/css 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://flower.musea.blog/wp-content/litespeed/css/093c514c9552d48c16f2a78e706dac3d.css?ver=613ae
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 7a6db321f8a41209f79fc24dbf6e98a17f6d58fb2284be1fad44382774501c37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
last-modified: Sun, 19 Nov 2023 11:44:17 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89492
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
DATA 200
OK truncated Show response
/ 133 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269ddbd0fed8f4035c6d60702b287c9b152996d2f7049b4c6f2185f591a2059c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 168ms
84ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bdf48417b23f8796c388fcebb4b2175f24c4f97ed77c2cfcf68b1a3514bf121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52741
x-xss-protection: 0
server: cafe
etag: 6720501849823614303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:27 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 U4061N.683354I.X79653L
t.felmat.net/fmimp/ 43 B
525 B 738ms
252ms Image
image/gif 18.180.239.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.felmat.net/fmimp/U4061N.683354I.X79653L
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.239.81 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-239-81.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:27 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: Apache
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 0.gif
www11.a8.net/ 43 B
184 B 899ms
206ms Image
image/gif 3.114.32.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www11.a8.net/0.gif?a8mat=3HDXE8+4JQVAA+3GBU+NVWSH
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.32.147 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-32-147.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 25 Nov 2023 16:02:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
flower.musea.blog/st-manager/pv-monitor/impression/ 43 B
165 B 629ms
629ms Image
image/gif 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/st-manager/pv-monitor/impression/track?query_type_id=front_page&queried_page=1&url=https%3A%2F%2Fflower.musea.blog%2F&referrer=&u=5867e767-2a5e-4545-96ec-bb45e14b963f
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:27 GMT
server: LiteSpeed
x-dns-prefetch-control: on
content-type: image/gif
x-litespeed-cache-control: no-cache
cache-control: max-age=0, must-revalidate, no-cache, private
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 103ms
24ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 21:48:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 64ms
63ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MQ7VLTB

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5180c07d5f2098d9e9619f40a0871cd5d7e72de030c86e60be6aa5d670464a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 16:02:27 GMT

GET
H2 200 352da13a1024c91b6aa83f8f3b411d08.js Show response
flower.musea.blog/wp-content/litespeed/js/ 244 KB
66 KB 369ms
369ms Script
application/javascript 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 04bde099a84543355dca866ad0d4270c407f522c772b9051729229d641d440d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 03:43:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 67815
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
H3 404 great-white-shark-01.jpg
flower.musea.blog/wp-content/uploads/2021/02/ 36 KB
36 KB 994ms
994ms Image
text/html 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/02/great-white-shark-01.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: dcc993ad60af17171adfbc1ecf2761d600b1924f00a450a39d249c73906d2a53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-encoding: br
server: LiteSpeed
x-litespeed-cache: miss
x-dns-prefetch-control: on
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: public,max-age=3600
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: 860_HTTP.404,860_404,860_URL.00d74ac13a60f19d16d90812953438ef,860_,860_MIN.093c514c9552d48c16f2a78e706dac3d.css,860_MIN.97691bd02666d1697d13fe5e9eda0dc6.js
link: <https://flower.musea.blog/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 sixtones-le-pain-quotidien-04.jpg
flower.musea.blog/wp-content/uploads/2022/05/ 81 KB
82 KB 192ms
191ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2022/05/sixtones-le-pain-quotidien-04.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: aa4a3df4d4070f3e677a2fcdd8660230a103d8f50efcce5b8b6c845b8cad5ed7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
last-modified: Fri, 13 May 2022 06:23:29 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83270
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
H3 200 hitohana08.jpg
flower.musea.blog/wp-content/uploads/2021/09/ 87 KB
87 KB 422ms
421ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/09/hitohana08.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 318b54515604914f44d0f13947a98fd7c23bd8d4ffff88193805c7b0b309edb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
last-modified: Wed, 08 Sep 2021 11:03:31 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89320
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
H3 200 forehead-epilation-11.jpg
flower.musea.blog/wp-content/uploads/2021/12/ 121 KB
121 KB 234ms
234ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/12/forehead-epilation-11.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 92850d4feb8e9a7a458246e8e4c92122bc4ad68ac48697e919fb6ac77160f420

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
last-modified: Sat, 25 Dec 2021 10:21:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 123923
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
H3 200 stsvg.ttf
flower.musea.blog/wp-content/themes/affinger/st_svg/fonts/ 33 KB
18 KB 225ms
225ms Font
font/ttf 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://flower.musea.blog/wp-content/themes/affinger/st_svg/fonts/stsvg.ttf?e9lchi
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/css/093c514c9552d48c16f2a78e706dac3d.css?ver=613ae
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 02f1496fa020d74b3ae0e55b53bef3c425b5bec3d68825e23d213db1799a6887

Request headers

Referer: https://flower.musea.blog/wp-content/litespeed/css/093c514c9552d48c16f2a78e706dac3d.css?ver=613ae
Origin: https://flower.musea.blog
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:27 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 13:46:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17908
expires: Sat, 02 Dec 2023 16:02:27 GMT

GET
DATA 200
OK truncated Show response
/ 223 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 355af98c2f5f7fc3d9e82b7137643ab1ba0d9aa6167702f93587d1ffad3ae49e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 356ms
25ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54776174-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Nov 2023 15:49:06 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 25 Nov 2023 17:49:06 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad5cf4d033816481520a42c6a63a72bbae4a9a45c017567e9636a9737d81709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137245
x-xss-protection: 0
server: cafe
etag: 11859941328143620731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame AA41 9 KB
4 KB 93ms
24ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 11:51:29 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 11:51:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jk9dqx4dnf Show response
www.clarity.ms/tag/ 650 B
1014 B 274ms
63ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jk9dqx4dnf?ref=wordpress
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: afddb60efca2394859fa6b1222aa4805b6047203a6fc8e1548fb613bc1023d01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Sat, 25 Nov 2023 16:02:28 GMT
x-azure-ref: 20231125T160228Z-51vn5ty5kt76m4p4p0nqbfcs5w0000000ru000000000bd9x
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 vcid Show response
dalc.valuecommerce.com/ 104 B
466 B 1114ms
210ms Script
application/javascript 54.248.201.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/vcid?_s=https%3A%2F%2Fflower.musea.blog%2F

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.201.65 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-201-65.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3c8538a5f6d9915e2f08617932d5326ce87969986f1302218d7252b3903a8304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 104

GET
H2 200 pub-7792057733524565 Show response
fundingchoicesmessages.google.com/b/ 11 KB
6 KB 255ms
67ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-7792057733524565

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5a3ba1f194a04933e577e30f83fe45ac3a1866831fe9c8bb31de11e26818378

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FnRjkIPuvmYhvR02DMAipw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FnRjkIPuvmYhvR02DMAipw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 225ms
40ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000121-IAD

GET
H2 200 P-A3039564-3c0f-4870-acbb-8013dc73977d1.js Show response
utt.impactcdn.com/ 20 KB
7 KB 264ms
80ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/P-A3039564-3c0f-4870-acbb-8013dc73977d1.js
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c5d0b40361c4f499d28bba467b810881d66071cd8465dd7bd9002f06882f8298

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpSHdN0G5OoOcLgK-wb5-BQUiMUuplI6NFzHfVAQ_z2MndT0OuEcDgt6WfflJnZIy_9tw3Cd8CLTQxwJNCCXHGp9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6728
last-modified: Wed, 29 Sep 2021 09:38:58 GMT
server: UploadServer
etag: "66354d213070e98831eb3725fef85371"
vary: Accept-Encoding
x-goog-generation: 1632908338229998
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=uD0pNg==, md5=ZjVNITBw6Ygx6zcl/vhTcQ==
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 6728
accept-ranges: bytes
expires: Sat, 25 Nov 2023 16:07:28 GMT

GET
H/1.1 200
OK bf.png
a.imgvc.com/i/ 107 B
405 B 1047ms
182ms Image
image/png 210.140.252.93
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.140.252.93 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: caf7e2ebbc0ff51a1cd12a8981325d32b2beb604370c246b6748520d4d051faf

Request headers

Referer: https://flower.musea.blog/
Origin: https://flower.musea.blog
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Mon, 24 Nov 2025 16:02:29 GMT

GET
H2 200 /
b.hatena.ne.jp/entry/button/ 43 B
367 B 666ms
385ms Image
image/gif 13.225.246.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Fflower.musea.blog%2F&layout=simple&format=image

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.246.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-246-96.lis50.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
via: 1.1 b1d2f89f3441d5c7e661028fba49a636.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: LIS50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 43
x-amz-cf-id: nWlPr46IbGQxDblIsCnDiQk6_4rXZ_VUntNQ8sxUbTaZqyoha7_Q1A==

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 123ms
47ms Ping
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S69RZGMQ9C&gtm=45Pe3b81v9169536638&_p=1700928147959&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1250876267.1700928148&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700928148&sct=1&seg=0&dl=https%3A%2F%2Fflower.musea.blog%2F&dt=%E3%81%8A%E8%8A%B1%E3%81%AE%E3%83%96%E3%83%AD%E3%82%B0%20-%20%E3%81%8A%E8%8A%B1%20-%20MUSEA%20BLOG%EF%BC%88%E3%83%9F%E3%83%A5%E3%83%BC%E3%82%BC%E3%82%A2%E3%83%96%E3%83%AD%E3%82%B0%EF%BC%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4020
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MQ7VLTB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flower.musea.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 musea-blog-logo-03.png
flower.musea.blog/wp-content/uploads/2021/05/ 5 KB
5 KB 208ms
206ms Image
image/png 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/05/musea-blog-logo-03.png
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: eb1086dd63c815d80a83864c0f9b0f498e7236348c94b19b1b0ef64cf5262ab1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Sun, 16 May 2021 05:06:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4897
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 flower-scissors-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 4 KB
4 KB 199ms
196ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/flower-scissors-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 2011886abd68b0cf6244c99970e5eb590e0e77f2fb0357725b83a44a0201948f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Wed, 23 Jun 2021 08:53:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4215
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 hydrangea-recovery-03-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 7 KB
7 KB 233ms
231ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/hydrangea-recovery-03-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 595ef67cf7253a05b186432404963e36516afcaa1a942758f07d3ebb629461e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Thu, 03 Jun 2021 06:12:04 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6827
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 qin-rong-EbzC__hKci8-unsplash-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/05/ 7 KB
7 KB 231ms
228ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/05/qin-rong-EbzC__hKci8-unsplash-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 04af345e38956b52ed27ac354dc382bf34949ab628b3e20ac74c1455c11b92cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Tue, 22 Jun 2021 11:44:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6837
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 delphinium-02-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/07/ 7 KB
7 KB 210ms
208ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/07/delphinium-02-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: bd4420c3029524efce3cc09d4344d2eac8f057ad0e6b70250092d31e25eb9bf8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Wed, 14 Jul 2021 15:33:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7121
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 flower-psychology-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 5 KB
5 KB 217ms
216ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/flower-psychology-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: dbee6865c60d4f2849f833a6764541d182b5d51ae89a2190b8c8182beb23d34b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Thu, 03 Jun 2021 11:14:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5310
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 hypericum-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 6 KB
6 KB 235ms
234ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/hypericum-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 9129a0579b175c70ede3914a90ef225c1e30feecb5efa9f2bb99f123dedc02fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Thu, 24 Jun 2021 13:37:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6059
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 spray-carnations-star-cherry-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 4 KB
4 KB 223ms
221ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/spray-carnations-star-cherry-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 47fca48f5504718b5e2a76a64cf7644c55dd5e334de9715dc24f98343b094f1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Sun, 20 Jun 2021 11:52:47 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3757
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 flower-base-01-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 6 KB
6 KB 192ms
191ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/flower-base-01-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: e4973dc2126a861a9d27a33715c3e3e3f5f35c23d72855f66082366c92999213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Wed, 16 Jun 2021 10:22:23 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5905
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H3 200 bloomee-kuchikomi-08-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/07/ 6 KB
6 KB 200ms
199ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/07/bloomee-kuchikomi-08-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 2d941472fd86faa7a8c02cdb753b69179a6e9b2314026b4a9f9df5f5f3e380b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
last-modified: Fri, 02 Jul 2021 05:53:10 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5722
expires: Sat, 02 Dec 2023 16:02:28 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EFA 484 KB
97 KB 1080ms
1078ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&adk=1812271804&adf=3025194257&lmt=1700928148&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148040&bpp=4&bdt=887&idt=350&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6751467919149&frm=20&pv=2&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1806f7d2243e30f806be4722b2d7eff06cfe02f6d54b654d68cd243877089817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:29 GMT
expires: Sat, 25 Nov 2023 16:02:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6D0 120 KB
41 KB 809ms
808ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=1780485171&adf=4286768824&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148071&bpp=4&bdt=918&idt=491&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=514

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59bdccc33c9ccd16ddef60d8fb9db67b2e16f2e6026bc4de5d9dffa8c19401d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41683
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:29 GMT
expires: Sat, 25 Nov 2023 16:02:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 40ms
39ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=741472488&t=pageview&_s=1&dl=https%3A%2F%2Fflower.musea.blog%2F&ul=en-us&de=UTF-8&dt=%E3%81%8A%E8%8A%B1%E3%81%AE%E3%83%96%E3%83%AD%E3%82%B0%20-%20%E3%81%8A%E8%8A%B1%20-%20MUSEA%20BLOG%EF%BC%88%E3%83%9F%E3%83%A5%E3%83%BC%E3%82%BC%E3%82%A2%E3%83%96%E3%83%AD%E3%82%B0%EF%BC%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1390297796&gjid=941829978&cid=1250876267.1700928148&tid=UA-54776174-6&_gid=1197384349.1700928149&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1842072409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flower.musea.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 464D 118 KB
40 KB 805ms
804ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2b3ac48760cd970da265c6b0995b03a437f5111edff65817f8cf2e433545e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:29 GMT
expires: Sat, 25 Nov 2023 16:02:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 227ms
63ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d3291e28-ae52-43d1-93ec-3e091fb96ac6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b9908a89-9700-46e3-910c-1b8d5214b2cc&tw_document_href=https%3A%2F%2Fflower.musea.blog%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6bic&type=javascript&version=2.3.29

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 7
date: Sat, 25 Nov 2023 16:02:28 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 76fcbd90b5aa9103
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f21403af1dd5fdb2f9751461da771ffd14d85527103cca914c91c3512066005d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 212ms
79ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d3291e28-ae52-43d1-93ec-3e091fb96ac6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b9908a89-9700-46e3-910c-1b8d5214b2cc&tw_document_href=https%3A%2F%2Fflower.musea.blog%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6bic&type=javascript&version=2.3.29

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 5
date: Sat, 25 Nov 2023 16:02:28 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: d472a4a5a95c8b27
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3d3876fa19c15d0b7a3029612a8850449772b2670006bb6c7b1eea33f6c612fc
content-length: 43

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 64ms
63ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jk9dqx4dnf?ref=wordpress
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231125T160228Z-51vn5ty5kt76m4p4p0nqbfcs5w0000000ru000000000bdar
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6dd64150-f01e-0020-7823-1a557c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 204 AGSKWxX4MD3TL-GAAQ4zPGNS1iQwvXSs9CjCaarip2KJYTunqwSpA5r7buUOG3jyfwQNbXBOKE0vFZue9YKF7BtwTdu_6A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 104ms
50ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX4MD3TL-GAAQ4zPGNS1iQwvXSs9CjCaarip2KJYTunqwSpA5r7buUOG3jyfwQNbXBOKE0vFZue9YKF7BtwTdu_6A==

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-USoaFqyeoEXy0PyoFRB5jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-USoaFqyeoEXy0PyoFRB5jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://flower.musea.blog
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/ 0
0 397ms
89ms Image
text/html 52.33.155.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?type=MP%20UTT&msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27td%27)&event=doTracking%20error&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.155.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-155-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9654 716 B
381 B 595ms
594ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=600&slotname=9345167437&adk=3477218147&adf=3245573437&pi=t.ma~as.9345167437&w=300&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=300x600&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148077&bpp=1&bdt=924&idt=681&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=686

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92863dee296beb10d9d9cd8e540945ed7969f7c2855707b35cf3604886eb6ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:29 GMT
expires: Sat, 25 Nov 2023 16:02:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
348 B 105ms
37ms XHR
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54776174-6&cid=1250876267.1700928148&jid=1390297796&gjid=941829978&_gid=1197384349.1700928149&_u=YADAAUAAAAAAACAAI~&z=231078350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Nov 2023 16:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flower.musea.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3162 716 B
378 B 181ms
179ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=3217087521&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148081&bpp=1&bdt=928&idt=705&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=2714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d156f1b711fe4ee8d79db77d0e5ba92c3fc2b7cf49bdf2faf3063e03cd14f93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:28 GMT
expires: Sat, 25 Nov 2023 16:02:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16C1 716 B
380 B 192ms
191ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=1319271191&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148088&bpp=1&bdt=935&idt=719&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=726

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84034db6a4597bd7cbbf244057dc34e3061160443e51080a7af9c92af5ee0213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:28 GMT
expires: Sat, 25 Nov 2023 16:02:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C90 716 B
380 B 154ms
153ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=4214286397&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148092&bpp=1&bdt=939&idt=749&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcfdf0e15f3336df3e063ee1986f836c72f625d6bca3e3d01ef863a37dc6c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:28 GMT
expires: Sat, 25 Nov 2023 16:02:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AFC 716 B
381 B 222ms
219ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=169&slotname=3382394316&adk=3577397814&adf=4225111724&pi=t.ma~as.3382394316&w=300&lmt=1700928148&rafmt=11&format=300x169&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148097&bpp=1&bdt=943&idt=765&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=3762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=771

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5eb93d25eed29b759b87fddc85c70e89e617d2e00a918d2880bdc93dc7f5cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:29 GMT
expires: Sat, 25 Nov 2023 16:02:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31A3 126 KB
42 KB 1548ms
1547ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=4120760919&adk=1391935854&adf=1647318001&pi=t.ma~as.4120760919&w=727&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=727x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148101&bpp=1&bdt=948&idt=824&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=588&ady=4242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=828

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b585ea42f3c74edbd6575fac6dd8da76e6750da6a629e401fc07aeb8afaa8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43143
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:30 GMT
expires: Sat, 25 Nov 2023 16:02:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tomoko-uji-BVe2OsKGMWw-unsplash-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 5 KB
5 KB 200ms
194ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/tomoko-uji-BVe2OsKGMWw-unsplash-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: ed17459f5bcac54d496e88b23d0c05be5f1224c669692e1d1997550b3ebee922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Tue, 08 Jun 2021 02:40:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4804
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H3 200 flower-subscription-31-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/09/ 7 KB
7 KB 200ms
195ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/09/flower-subscription-31-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 9bc3472be7627dc44213c4f5146c26b1d8b6958ed02d23718bee24d8026e7619

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Sat, 11 Sep 2021 03:58:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7204
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H3 200 hasmik-ghazaryan-olson-AILcFMJXTU-unsplash-150x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 6 KB
6 KB 200ms
195ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/hasmik-ghazaryan-olson-AILcFMJXTU-unsplash-150x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 457739479db31d4919446fd739eb44557682790eb6c6a817758e54d9020b6681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Sun, 06 Jun 2021 06:21:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6499
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H3 200 hasmik-ghazaryan-olson-AILcFMJXTU-unsplash-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 8 KB
8 KB 200ms
195ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/hasmik-ghazaryan-olson-AILcFMJXTU-unsplash-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: de05958503b96413b9aa257ac48c72bc62394f5759c638b97f306d005e711b53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Sun, 06 Jun 2021 06:21:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8371
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H3 200 tomoko-uji-BVe2OsKGMWw-unsplash-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 6 KB
6 KB 200ms
195ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/tomoko-uji-BVe2OsKGMWw-unsplash-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 281f115fe664da62d82f25e0f1edbddd7e5df603198e4d5370d534df3461ee36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Tue, 08 Jun 2021 02:40:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6438
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H3 200 Dusty-Miller-Flower-05-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 10 KB
10 KB 225ms
183ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/Dusty-Miller-Flower-05-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 1ff7848d9525d5637759225d02dabbb401284a64289dd5e673fd71799478df0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Thu, 24 Jun 2021 12:33:09 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9768
expires: Sat, 02 Dec 2023 16:02:29 GMT

GET
H2

200

4061-1615271821.6256-4.png
img.felmat.net/4061/
Redirect Chain

https://t.felmat.net/fmimg/U4061N.L94632X.X79653L
https://img.felmat.net/4061/4061-1615271821.6256-4.png

80 KB
81 KB

2317ms
1172ms

Image
image/png

13.225.246.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.felmat.net/4061/4061-1615271821.6256-4.png
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H2
Server: 13.225.246.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-246-109.lis50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1d945d61d7e726c6fa361cfdeb75cd71eaeaffc748d48357ad80569603a581e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:38 GMT
via: 1.1 4ea3189ac84dcedc42bcd574396283f6.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 06:37:07 GMT
server: AmazonS3
x-amz-cf-pop: LIS50-C1
etag: "d29701c7f06067ef91695ac5390f62a1"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 82399
x-amz-cf-id: DVZBe3Os7LdoDtU08j4xiiRZJIw5Q2H7nYSUF03MGf_RpqS_BAtujw==

Redirect headers

location: https://img.felmat.net/4061/4061-1615271821.6256-4.png
date: Sat, 25 Nov 2023 16:02:29 GMT
server: Apache
content-length: 50
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK bgt
www25.a8.net/svt/ 75 KB
75 KB 934ms
209ms Image
image/gif 3.114.32.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www25.a8.net/svt/bgt?aid=210601808275&wid=031&eno=01&mid=s00000016113004012000&mc=1
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.32.147 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-32-147.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8615966c66a2619db78895fba79bafd6b27ab59dd23a0d6b1ecd73169aa54c17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 25 Nov 2023 16:02:29 GMT
Server: Apache
Connection: keep-alive
Content-Length: 76314
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 158ms
53ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54776174-6&cid=1250876267.1700928148&jid=1390297796&_u=YADAAUAAAAAAACAAI~&z=4626283

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
297 B 188ms
65ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flower.musea.blog
Date: Sat, 25 Nov 2023 16:02:29 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK bf.png
a.imgvc.com/i/ 107 B
405 B 262ms
184ms Image
image/png 210.140.252.93
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.140.252.93 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 428ad4bae67ddaa62d92facd4318324fb5a5faed8f3c8e345fddc16f76738a25

Request headers

Referer: https://flower.musea.blog/
Origin: https://flower.musea.blog
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:29 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Mon, 24 Nov 2025 16:02:29 GMT

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 6 KB
7 KB 247ms
246ms Script
application/javascript 54.248.201.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887313906&_s=https%3A%2F%2Fflower.musea.blog%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2FiI8VgMO8FAyP3%2FoT%2F%2F6xOMGxf78bAmHdgxX8GvgsMFkYdDAALkg4UE5olAAAAAABJRU5ErkJggg%3D%3D

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.201.65 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-201-65.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a3dd0f5ad165075d154a361f04bd368f4e73974bb8dfda14a3d88a6e89182d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 6504

GET
H2 200 css
fonts.googleapis.com/ Frame E6D0 4 KB
1 KB 106ms
41ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=1780485171&adf=4286768824&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148071&bpp=4&bdt=918&idt=491&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 14:23:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E6D0 2 KB
856 B 167ms
89ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:46:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E6D0 23 KB
9 KB 88ms
86ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E6D0 3 KB
1 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E6D0 20 KB
9 KB 101ms
24ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6D0 202 KB
64 KB 103ms
38ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame E6D0 37 KB
16 KB 1018ms
23ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 464D 801 B
372 B 70ms
41ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%B8%B0%E5%90%91%E3%81%91%E9%80%B2%E5%A1%BE%E3%82%A4%E5%A5%B3%E4%BA%AC%E3%83%B3%E5%AD%90%E5%9B%BD%E5%AD%A6%E3%83%A9%E3%82%AA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c43bfdbd2e77db7a3ab257ae0b32c3768c1726101b4a5e933a7c17394ddd54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 16:02:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 464D 2 KB
903 B 129ms
88ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:46:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 464D 23 KB
9 KB 75ms
70ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 464D 3 KB
1 KB 76ms
71ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 464D 20 KB
8 KB 68ms
27ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 464D 202 KB
64 KB 146ms
118ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 464D 37 KB
15 KB 1007ms
29ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 31A3 4 KB
728 B 57ms
52ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=4120760919&adk=1391935854&adf=1647318001&pi=t.ma~as.4120760919&w=727&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=727x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148101&bpp=1&bdt=948&idt=824&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280%2C640x280%2C300x600%2C300x169%2C300x169%2C300x169%2C300x169&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=588&ady=4242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 15:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31A3 2 KB
856 B 107ms
90ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:46:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 31A3 23 KB
9 KB 81ms
21ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31A3 3 KB
1 KB 62ms
24ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31A3 20 KB
8 KB 48ms
32ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31A3 202 KB
64 KB 125ms
121ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 31A3 37 KB
15 KB 973ms
49ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 6 KB
7 KB 316ms
316ms Script
application/javascript 54.248.201.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887313906&_s=https%3A%2F%2Fflower.musea.blog%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADJJREFUGFcBJwDY%2FwEBFgD%2FZEwaADCe6gAB1L9g%2FzU6yAC3r0YAAarAqP%2FEEp4AXi66ABe%2BDzzC%2BLrVAAAAAElFTkSuQmCC

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/wp-content/litespeed/js/352da13a1024c91b6aa83f8f3b411d08.js?ver=613ae

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.201.65 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-201-65.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

25bfc1202737ee0b35e00b20419b2bd01ca4ed121eec1e975faa89e41ce35849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 6504

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
297 B 155ms
35ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flower.musea.blog
Date: Sat, 25 Nov 2023 16:02:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 no-img.png
flower.musea.blog/wp-content/themes/affinger/images/ 3 KB
3 KB 219ms
186ms Image
image/png 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/themes/affinger/images/no-img.png
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 11e7679b2e4af576923b7543c45a7c17bcc6b2b1b63d7ec525a3910bc57cbca8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Thu, 26 Oct 2023 13:46:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2612
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 regina-mansor-1sIb3R-BEjk-unsplash-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 8 KB
8 KB 218ms
188ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/regina-mansor-1sIb3R-BEjk-unsplash-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: b461eebb997785b070e5e4c022ede651c23ad7ffb4c9d37cce095f057d496fda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Wed, 09 Jun 2021 16:19:03 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7845
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 spray-carnations-star-cherry-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 5 KB
5 KB 216ms
187ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/spray-carnations-star-cherry-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 870923106e205b7bae81627758e36e1ece658d0cd4297662afa80305cefd1472

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Sun, 20 Jun 2021 11:52:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4640
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 hypericum-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 7 KB
7 KB 195ms
189ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/hypericum-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: d4326226493e6b2733f8db8a1e75f6a8b32a6c3d604b9e51cec0bac90b5d6bc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Thu, 24 Jun 2021 13:37:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7438
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 flower-subscription-31-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/09/ 10 KB
10 KB 203ms
197ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/09/flower-subscription-31-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: bb1e5803b4e26f58f821e0051b84bba3d254f0df3f9bceebc113e9d00ddeb556

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Sat, 11 Sep 2021 03:58:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9798
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 hitohana07-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/09/ 7 KB
8 KB 199ms
193ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/09/hitohana07-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: c63010684c3c71ff5b9030c98f48d3fd6443ecf4d4f7c4dba5d4d8dd3ede96c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Wed, 08 Sep 2021 10:55:18 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7639
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H3 200 HitoHana-202x150.jpg
flower.musea.blog/wp-content/uploads/2022/07/ 11 KB
11 KB 195ms
190ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2022/07/HitoHana-202x150.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: a92274758f8933e8dc10140f1eb301649f492ff729779047067c0a64d93daff6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Mon, 18 Jul 2022 07:44:51 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10908
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8904524115036012612/ Frame E6D0 8 KB
8 KB 32ms
24ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8904524115036012612/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b9d29f75913fc90500e7bf80cfc35c6466e8fa229285cb3661ea79ac4872849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:13:12 GMT
x-content-type-options: nosniff
age: 434963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7890
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 16:15:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 15:13:12 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17684052616416184849/ Frame E6D0 48 KB
48 KB 51ms
43ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17684052616416184849/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

427b5288b2b520f07fe43716b70117f4a95567a8f0e375579bc5575bbc0d97f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:38:57 GMT
x-content-type-options: nosniff
age: 181418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48933
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:11:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 13:38:57 GMT

GET
DATA 200
OK truncated
/ Frame E6D0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9785743352624388081/ Frame 464D 68 KB
68 KB 34ms
26ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9785743352624388081/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e2ad351b35e7feb444979cb0fbca909642bd9d40efd6f732897051bdb559ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:42:51 GMT
x-content-type-options: nosniff
age: 217184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69950
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 10:55:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 03:42:51 GMT

GET
DATA 200
OK truncated
/ Frame 464D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4546382810863640496/ Frame 31A3 18 KB
19 KB 45ms
37ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4546382810863640496/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730c06246e15f1240110cd044264a3aca15995bc1892029befb1ff466589748d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:33:57 GMT
x-content-type-options: nosniff
age: 8918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18927
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 17:32:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 13:33:57 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/435138319842023304/ Frame 31A3 4 KB
4 KB 43ms
36ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/435138319842023304/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fae496e8af88fe1e290887b9ade7198df9a4c2a5864261b9b357f653270d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 13:02:12 GMT
x-content-type-options: nosniff
age: 270023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4028
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 12:46:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 13:02:12 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c1d47bace37d87d5a7cd7e9579bc19c6b96b749112e3886821813aec7205552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55844
x-xss-protection: 0
server: cafe
etag: 3226299742035903248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:35 GMT

GET
DATA 200
OK truncated
/ Frame E6D0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5ec652234b25125fbfdaa6be75931a3646eb1a75e682913371115146ae62f49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK b3
dalb.valuecommerce.com/ 43 B
326 B 1605ms
181ms Image
image/gif 210.140.225.83
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b3?sharks.wiki=1&musea.blog%2Fcategory=2&beauty.musea.blog=1&www.facebook.com%2Fsharer.php=1&b.hatena.ne.jp%2Fentry=1&line.me%2FR=1&share.shutterstock.com%2Fmuseainfo=1&t.felmat.net%2Ffmcl=2&px.a8.net%2Fsvt=1&twitter.com%2Frock_miu=1&instagram.com%2Frock_miu=1&www.youtube.com%2F%40shark-activist-reino=1&musea.blog%2Fprofile-reino=1&musea.blog%2Fblogger-info=1&_p=887313906&_r=ZWIamwABtkxgCfkoCoIAigqCAobUoQ&_t=65621a9b&_du=https%3A%2F%2Fflower.musea.blog%2F

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.83 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-83.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

GET
H3 200 202112ver-02-reino-profile.jpg
flower.musea.blog/wp-content/uploads/2021/12/ 88 KB
88 KB 186ms
185ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/12/202112ver-02-reino-profile.jpg
Requested by: Host: flower.musea.blog
URL: https://flower.musea.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: f0ab575722d70be42868d635b6c3578f71acfb776193acb07147b2ae3593d35f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:35 GMT
last-modified: Sat, 18 Dec 2021 07:20:02 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89732
expires: Sat, 02 Dec 2023 16:02:35 GMT

GET
DATA 200
OK truncated
/ Frame 31A3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f11545010304e770cb0205368f1c60ee5e3220c6732d73bd14f3cc0a21d28fc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E6D0 15 KB
16 KB 584ms
31ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:01:08 GMT
x-content-type-options: nosniff
age: 223288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:01:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 31A3 16 KB
16 KB 600ms
50ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 22:45:45 GMT
x-content-type-options: nosniff
age: 235011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 22:45:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 31A3 15 KB
16 KB 571ms
24ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 07:56:27 GMT
x-content-type-options: nosniff
age: 115569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 07:56:27 GMT

GET
DATA 200
OK truncated
/ Frame 464D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1db3fa66b26ac787afe6dc5399817807ea778105d7255e0f1e32c0cf33904145

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 464D 7 KB
7 KB 593ms
60ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxogMdb0ZGix91vKLBhbNTeMXHo7hC73oDzwxf2uucn9GNawImzK6gfWV93Z&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%B8%B0%E5%90%91%E3%81%91%E9%80%B2%E5%A1%BE%E3%82%A4%E5%A5%B3%E4%BA%AC%E3%83%B3%E5%AD%90%E5%9B%BD%E5%AD%A6%E3%83%A9%E3%82%AA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3d48876b4c852a9c80e3c72060aa1d0118f23e7dc05750036fd13835b4c204d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 22:58:18 GMT
x-content-type-options: nosniff
age: 61458
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6960
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 25 Nov 2023 22:58:18 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
297 B 64ms
64ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flower.musea.blog
Date: Sat, 25 Nov 2023 16:02:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C40E 9 KB
4 KB 45ms
25ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 14364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 98AE 9 KB
4 KB 39ms
26ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 14364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5491 9 KB
4 KB 36ms
26ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 14364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C40E 4 KB
767 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 16:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 14:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 16:02:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C40E 205 B
519 B 28ms
26ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:32:04 GMT
x-content-type-options: nosniff
age: 210632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Nov 2024 05:32:04 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C40E 604 B
696 B 28ms
26ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:04:30 GMT
x-content-type-options: nosniff
age: 284286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Nov 2024 09:04:30 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C40E 15 KB
7 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:42:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C40E 21 KB
9 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:42:03 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 98AE 9 KB
4 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 12:00:21 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 98AE 20 KB
8 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:24:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 98AE 2 KB
822 B 24ms
23ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:46:25 GMT

GET
H2 200 55c07926d0961c7899d23978ffa28542.js Show response
www.gstatic.com/mysidia/ Frame 98AE 6 KB
2 KB 45ms
43ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:25:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 98AE 23 KB
9 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 98AE 3 KB
1 KB 63ms
61ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 98AE 20 KB
8 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98AE 202 KB
64 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:36 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 98AE 37 KB
15 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5491 23 KB
9 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B317 143 B
166 B 47ms
45ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 15:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5491 3 KB
1 KB 75ms
72ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5491 20 KB
8 KB 75ms
72ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H3 200 3233756831840296895
tpc.googlesyndication.com/simgad/ Frame 5491 29 KB
29 KB 75ms
73ms Image
image/gif 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3233756831840296895

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6c87133c385a49e78d14b288ccd3ee5499634db62b97958bdedccd4af20b87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:57:11 GMT
x-content-type-options: nosniff
age: 515125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29792
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 14:24:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Nov 2024 16:57:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5491 202 KB
64 KB 72ms
69ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:36 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5491 36 KB
14 KB 79ms
77ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:49:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E6D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CwQAYlBpiZc_YK_6nvcAPrrGbiATvzpKwdPXxzZSVErCQHxABIMSc4iNgye6Oi8CkjBCgAdWI1_4DyAEJqAMByAPLBKoE_QFP0JTSR5kpMOKMhf2mZHH8J2J6lV7_HnklZynnjnktR7QLd3X...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xca708f63d15066060000000000000000%22,%222%22:%220x8a6b995f8c4737050000000000000000%22,%223%22:%220x93ed83...

0
0

138ms
85ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xca708f63d15066060000000000000000%22,%222%22:%220x8a6b995f8c4737050000000000000000%22,%223%22:%220x93ed835a6c20e1d60000000000000000%22,%224%22:%220xe4ed9a94e76f2f2e0000000000000000%22,%225%22:%220xc6feb53ad820f7cf0000000000000000%22},%22debug_key%22:%2210606955548996311873%22,%22debug_reporting%22:true,%22destination%22:%22https://dekorlighting.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070974037%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229647758362294117921%22}&andc=true

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xca708f63d15066060000000000000000","2":"0x8a6b995f8c4737050000000000000000","3":"0x93ed835a6c20e1d60000000000000000","4":"0xe4ed9a94e76f2f2e0000000000000000","5":"0xc6feb53ad820f7cf0000000000000000"},"debug_key":"10606955548996311873","debug_reporting":true,"destination":"https://dekorlighting.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070974037"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"9647758362294117921"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 16:02:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xca708f63d15066060000000000000000","2":"0x8a6b995f8c4737050000000000000000","3":"0x93ed835a6c20e1d60000000000000000","4":"0xe4ed9a94e76f2f2e0000000000000000","5":"0xc6feb53ad820f7cf0000000000000000"},"debug_key":"10606955548996311873","debug_reporting":true,"destination":"https://dekorlighting.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070974037"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"9647758362294117921"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 464D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChPdIlBpiZf-VNJ-UvcAPh7-emA6sr6qzdMvErZShEa4CEAEgxJziI2DJ7o6LwKSMEKABr6yLyinIAQmpAqgryq1MvTw-qAMByAPLBKoE_gFP0I5LsBVBNWJtyxhuFKtjfIFIC_8nXpyw2Bs...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcdb6e845781ea49b0000000000000000%22,%222%22:%220x81c4e7be003da2170000000000000000%22,%223%22:%220x348280...

0
0

140ms
85ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcdb6e845781ea49b0000000000000000%22,%222%22:%220x81c4e7be003da2170000000000000000%22,%223%22:%220x34828050ab7f24e40000000000000000%22,%224%22:%220x909c2f23ef936feb0000000000000000%22,%225%22:%220xdbb26e097cf96abd0000000000000000%22},%22debug_key%22:%225314273773498317690%22,%22debug_reporting%22:true,%22destination%22:%22https://kyoshin.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211161228847%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213008647083429900513%22}&andc=true

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xcdb6e845781ea49b0000000000000000","2":"0x81c4e7be003da2170000000000000000","3":"0x34828050ab7f24e40000000000000000","4":"0x909c2f23ef936feb0000000000000000","5":"0xdbb26e097cf96abd0000000000000000"},"debug_key":"5314273773498317690","debug_reporting":true,"destination":"https://kyoshin.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11161228847"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"13008647083429900513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 16:02:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcdb6e845781ea49b0000000000000000","2":"0x81c4e7be003da2170000000000000000","3":"0x34828050ab7f24e40000000000000000","4":"0x909c2f23ef936feb0000000000000000","5":"0xdbb26e097cf96abd0000000000000000"},"debug_key":"5314273773498317690","debug_reporting":true,"destination":"https://kyoshin.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11161228847"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"13008647083429900513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 31A3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFTbdlRpiZa7UA_jLvcAP1Ka3-A2sqZfZc_WOhZuBEoLntLX5ARABIMSc4iNgye6Oi8CkjBCgAafkvKMDyAEJqQI_WWUxr5uoPqgDAcgDywSqBPsBT9C_KpQx9Hsk6o8a0NlxzA3vXHJPZzg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5833f4958cbe900000000000000000%22,%222%22:%220xe0cccf076c2eb92b0000000000000000%22,%223%22:%220x5dea819...

0
0

85ms
85ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf5833f4958cbe900000000000000000%22,%222%22:%220xe0cccf076c2eb92b0000000000000000%22,%223%22:%220x5dea819116e86f410000000000000000%22,%224%22:%220x5d525b58cbd79ab20000000000000000%22,%225%22:%220xeb30676757b4d75e0000000000000000%22},%22debug_key%22:%229857255664963441208%22,%22debug_reporting%22:true,%22destination%22:%22https://hardwoodgiant.ca%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879702567%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210856366870275545681%22}&andc=true

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf5833f4958cbe900000000000000000","2":"0xe0cccf076c2eb92b0000000000000000","3":"0x5dea819116e86f410000000000000000","4":"0x5d525b58cbd79ab20000000000000000","5":"0xeb30676757b4d75e0000000000000000"},"debug_key":"9857255664963441208","debug_reporting":true,"destination":"https://hardwoodgiant.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879702567"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"10856366870275545681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 16:02:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf5833f4958cbe900000000000000000","2":"0xe0cccf076c2eb92b0000000000000000","3":"0x5dea819116e86f410000000000000000","4":"0x5d525b58cbd79ab20000000000000000","5":"0xeb30676757b4d75e0000000000000000"},"debug_key":"9857255664963441208","debug_reporting":true,"destination":"https://hardwoodgiant.ca","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879702567"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"10856366870275545681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame E9E4 38 KB
15 KB 36ms
30ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5ED2 38 KB
15 KB 37ms
31ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7792057733524565&output=html&h=280&slotname=7485290854&adk=386953312&adf=2131722356&pi=t.ma~as.7485290854&w=640&fwrn=4&fwrnh=100&lmt=1700928148&rafmt=1&format=640x280&url=https%3A%2F%2Fflower.musea.blog%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700928148075&bpp=2&bdt=922&idt=641&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=6751467919149&frm=20&pv=1&ga_vid=1250876267.1700928148&ga_sid=1700928149&ga_hid=741472488&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=3284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802209%2C31079266%2C31079606%2C44795922%2C44809316%2C31078301%2C31079757%2C44807406%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1778394183780553&tmod=419524259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=647

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A50 38 KB
15 KB 36ms
31ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 62FA 9 KB
4 KB 33ms
33ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 12:00:21 GMT

GET
H3 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 62FA 20 KB
8 KB 33ms
33ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:24:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 62FA 914 B
450 B 47ms
46ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A9%E5%AD%A6%E5%9B%BD%E3%82%AA%E8%B5%B4%E5%90%91%E6%B5%B7%E3%83%BB%E3%80%81%E5%B8%B0%E7%BF%92%E5%9C%A8%E6%88%90%E5%8A%9F%E3%81%A6%E3%81%B8%E5%8F%97%E5%BE%B9%E5%A4%96%E5%AD%90%E3%82%B5%E3%82%8B%E3%81%97%E9%96%8B%E5%85%A5%E3%81%99%E3%80%82%E3%81%BE%E3%81%91%E3%83%B3%E5%A5%B3%E9%80%B2%E9%A8%93%E3%82%A4%E4%BA%AC%E3%81%AE%E4%BB%BB%E6%8C%87%E5%B0%8E%E5%BA%95%E3%83%BC%E3%83%88%E5%A1%BE%E9%96%89%E4%B8%AD%E3%81%98%E3%83%9D%E8%A9%A6%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84829e271f26e84e9704e240f2cb5a24e32155c5aa3b1ce4e1e4a9f22ea0f1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 16:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 16:02:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 16:02:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 62FA 2 KB
822 B 34ms
32ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:46:25 GMT

GET
H3 200 55c07926d0961c7899d23978ffa28542.js Show response
www.gstatic.com/mysidia/ Frame 62FA 6 KB
2 KB 33ms
31ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:25:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 62FA 23 KB
9 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:20:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 62FA 3 KB
1 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 62FA 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:29:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62FA 202 KB
64 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 16:02:36 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 62FA 37 KB
15 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 11:50:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B317
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:36 GMT
expires: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5491 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe9ce532ebc888fdfdeb0ff76f7690e3d4d0ed00c81dbdc138e9c8d0b6c6f51

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 175ms
85ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
84ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5491
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0SWwlBpiZfnfKfCWvcAPlZeJ6Az56sq9c5bHm53XEfCW9erNOBABIMSc4iNgye6Oi8CkjBCgAaOFh6IDyAEDqAMByAPJBKoE-wFP0LLpQBAwLZGB83EpO9Gw7T-aHE-Aq_9CLx0u2hWlebN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36efe03d0a393d420000000000000000%22,%222%22:%220xfaead6bf4d4c8330000000000000000%22,%223%22:%220xf5f90f9...

0
0

86ms
86ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36efe03d0a393d420000000000000000%22,%222%22:%220xfaead6bf4d4c8330000000000000000%22,%223%22:%220xf5f90f9d3c93e66a0000000000000000%22,%224%22:%220x60adbbca96e8aed80000000000000000%22,%225%22:%220x31162d17722dbd4e0000000000000000%22},%22debug_key%22:%224768958929070683158%22,%22debug_reporting%22:true,%22destination%22:%22https://randstadusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22876724899%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212035716444171353953%22}&andc=true

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x36efe03d0a393d420000000000000000","2":"0xfaead6bf4d4c8330000000000000000","3":"0xf5f90f9d3c93e66a0000000000000000","4":"0x60adbbca96e8aed80000000000000000","5":"0x31162d17722dbd4e0000000000000000"},"debug_key":"4768958929070683158","debug_reporting":true,"destination":"https://randstadusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["876724899"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"12035716444171353953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 16:02:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x36efe03d0a393d420000000000000000","2":"0xfaead6bf4d4c8330000000000000000","3":"0xf5f90f9d3c93e66a0000000000000000","4":"0x60adbbca96e8aed80000000000000000","5":"0x31162d17722dbd4e0000000000000000"},"debug_key":"4768958929070683158","debug_reporting":true,"destination":"https://randstadusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["876724899"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"12035716444171353953"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 85ms
84ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B586 143 B
166 B 25ms
24ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 15:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AE 0
20 B 52ms
51ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmNlbnRlcmVkLWltYWdlCgoIAioGc2VydmVyCg0QKyEAAAAAAMBSQDAECg0QAyEAANDMzIR4QDAECg0QDSEAAACAmZm5PzAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAABAU0AwBBIaQ1BmNTNKREQzNElERlhCTER3SWRsVXNDelEiIGltYWdlL2ltYWdlX25vbl9pbnRlcnN0aXRpYWxfb2NoKCM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redir.html Show response
p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 462F 247 B
868 B 134ms
38ms Document
text/html 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

d9fb29e52e53cf4f7ee276bce1fb995a091903d097513b4dd348059066d967ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-pYBRGKoUiIfIXBls1ZnnZQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 85ms
84ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 72E0 38 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62FA 0
20 B 53ms
53ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNECshAAAAAAAAJEAwBAoNEAMhAAAAAABYdEAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAAChAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAACAGfVAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAyMzMhHlAMAQSGkNQYjUzSkREMzRJREZYQkxEd0lkbFVzQ3pRIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B586
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
40ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:36 GMT
expires: Sat, 25 Nov 2023 16:02:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F3D 38 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62FA 0
20 B 53ms
52ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNEBQhAAAAAHBi9UAwBAoNEBUhAAAAAAAAJkAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAADIzMy8fEAwBAoNEDIhAAAAAAAAAAAwBAoNEDMhAAAAAAAAAAAwBAoNEDQhAAAAAAAAAAAwBAoNEDUhAAAAAAAAAAAwBAoNEDYhAAAAAAAAAAAwBAoNEDchAAAAAAAAAAAwBAoNEDghAAAAAAAAAAAwBAoNEDkhAAAAAAAAAAAwBAoNEDohAAAA0MzM7D8wBAoNEDshAAAA0MzM7D8wBAoNEDwhAAAA0MzM7D8wBAoNED0hAAAAAAAA8D8wBAoNED4hAAAAAAAA8D8wBAoNED8hAAAAAAAA8D8wBAoNEEAhAAAAAAAA8D8wBBIaQ1BiNTNKREQzNElERlhCTER3SWRsVXNDelEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AE 0
20 B 52ms
51ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmNlbnRlcmVkLWltYWdlCgoIAioGc2VydmVyCg0QECEAAAAAAEKxQDAECg0QESEAAAAAgBn1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAAKyGQDAEEhpDUGY1M0pERDM0SURGWEJMRHdJZGxVc0N6USIgaW1hZ2UvaW1hZ2Vfbm9uX2ludGVyc3RpdGlhbF9vY2goIw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.html Show response
p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 462F 5 KB
2 KB 41ms
39ms Document
text/html 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

82e184d41a4395c9a979e52185642addc3e6ffd411b47aeab14b2d5400a2f2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-9NA1Ykapc5u_9K95BPjaSg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 15999471281907262455
tpc.googlesyndication.com/daca_images/simgad/ Frame 98AE 31 KB
31 KB 31ms
31ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15999471281907262455?w=360&h=720&tw=1&q=75

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5d12f001667e0f4b722be8b2c85c51b4883e227b32663fd655eab671529bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:20:50 GMT
x-content-type-options: nosniff
age: 9707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31878
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 13:47:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 13:20:50 GMT

GET
DATA 200
OK truncated
/ Frame 98AE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11806ae21437fea0750d9e9c038f9727394a04fec3eae8b43c0fc40a337adabf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E12 38 KB
15 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 08:14:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 98AE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnFOxlBpiZfffKfCWvcAPlZeJ6AySguS1dI7y0fCeEuuEhsvCARABIMSc4iNgye6Oi8CkjBCgAcyCyskoyAEBqAMByAPLBKoE-gFP0GeSeSbPyXz6Lel4Gi1iU_rdcJeJM3friXK0mNRkRiX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77f15f7890ed7d8c0000000000000000%22,%222%22:%220x6ffed072f70f86990000000000000000%22,%223%22:%220xe9c032...

0
0

85ms
85ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77f15f7890ed7d8c0000000000000000%22,%222%22:%220x6ffed072f70f86990000000000000000%22,%223%22:%220xe9c032752ca68cf80000000000000000%22,%224%22:%220x1c6c005d445c32e20000000000000000%22,%225%22:%220x175c99b259176cd70000000000000000%22},%22debug_key%22:%2215040226812204879314%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210891723084%22],%224%22:[%2211-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22396597202331352305%22}&andc=true

Requested by

Host: flower.musea.blog
URL: https://flower.musea.blog/

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x77f15f7890ed7d8c0000000000000000","2":"0x6ffed072f70f86990000000000000000","3":"0xe9c032752ca68cf80000000000000000","4":"0x1c6c005d445c32e20000000000000000","5":"0x175c99b259176cd70000000000000000"},"debug_key":"15040226812204879314","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10891723084"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"396597202331352305"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 16:02:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x77f15f7890ed7d8c0000000000000000","2":"0x6ffed072f70f86990000000000000000","3":"0xe9c032752ca68cf80000000000000000","4":"0x1c6c005d445c32e20000000000000000","5":"0x175c99b259176cd70000000000000000"},"debug_key":"15040226812204879314","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10891723084"],"4":["11-25"],"6":["true"]},"priority":"500","source_event_id":"396597202331352305"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AE 0
20 B 54ms
54ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmNlbnRlcmVkLWltYWdlCgoIAioGc2VydmVyCg0QFCEAAAAAgBn1QDAECg0QFSEAAAAAAAAkQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAJqZmbOQQDAECg0QMiEAAAAAAAAeQDAECg0QMyEAAAAAAAAeQDAECg0QNCEAAAAAAAAeQDAECg0QNSEAAAAAAAAeQDAECg0QNiEAAAAAAAAeQDAECg0QNyEAAAAAAAAeQDAECg0QOCEAAAAAAAA2QDAECg0QOSEAAEAzM_NHQDAECg0QOiEAAICZmZlIQDAECg0QOyEAAJiZmXGGQDAECg0QPCEAAJiZmXGGQDAECg0QPSEAAMzMzKyGQDAECg0QPiEAAAAAAIKQQDAECg0QPyEAAGZmZoKQQDAECg0QQCEAADQzM72QQDAECg0QCiEAAGhmZi6GQDAECg0QDiEAAAAAAAAAADAECg0QBCEAAJqZmTuRQDAECg0QDyEAAAAAAAAAADAECg0QBSEAAGZmZjyRQDAEEhpDUGY1M0pERDM0SURGWEJMRHdJZGxVc0N6USIgaW1hZ2UvaW1hZ2Vfbm9uX2ludGVyc3RpdGlhbF9vY2goIw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
86ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 16:02:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E6D0 42 B
64 B 105ms
55ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPv5XcCcCxmCuEGU6QfFw8JhMEF1q60rpOVHsDiK8wj7A1bjRbda05u6R6LPj1ZW7fWZlpmumEQTanyP_AmViNxLgh99jBbK6DI5vNEUzuMA75ttaavvSgPaMXekDDNM2vdFa-a6ux4bTGjYHiRCFu-s0JBMECok7Vc65Y&sai=AMfl-YRYUMdwaPhD8pyMlqYO7MhvDxP_PECKNsaHUTj81A258Kccq5N4-FlfLUuXCzIJuh8Y1yD6fF3eRh3BXTmWrV5dwMEWqamNCKtxpK1buRX_XWnZnw4tmdzOnanQgCEyAo1n5CcJQdnu6m_cwf3H&sig=Cg0ArKJSzEv1fsSlJbycEAE&cid=CAQSTgDICaaN277XVJ3XJzJ6vn7KMNkI7gtz5i6OAXSnJcGFHBdldgwXvdrzNltSxTFFHQ7GGO6BgDcQJb7XfMhhUh1da_g0oVOznEvSjmS-iRgB&id=lidar2&mcvt=1000&p=0,0,280,640&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1780485171&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700928148586&rpt=7774&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5491 42 B
64 B 55ms
54ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmzUoIzZM5SO3q8mhU6w0bwvAdC-uNvIA_hBS-mUDA6-m_wanh5YZX4802I91IZphQpclX8hshaJaCi3n0yH0LVIoz6l9YGed60m5NrJmrkBbmTExuxsSltBguPlWrGU-W21JpfuIWBw&sai=AMfl-YQu_wlnUNmVvIe9ylkf6DquaMjECTCiTv5M07MgpMPcOi-rTxqMprrK5GRSNsTwzo3bg3s-ZxeudsMloBZzs_2eQZ2Ux6vm5jRiqdWmFt5DFhgcBF97fncZ-85ClBa0qBo3C5_sSuq8jGTQqiaxqQ&sig=Cg0ArKJSzFbp75nlfjVtEAE&cid=CAQSTwDICaaNfzay7M7R4BTVMtSwwyYRUwMz9Uvml6Bd_wrPQeWTio_1c3X3OA2vBrx1qBMhzKNJEsUJJevZ_FI1cM_2gfvGGpsIQxhY_5I7_D0YAQ&id=lidar2&mcvt=1032&p=0,0,124,1005&mtos=276,859,1032,1176,1176&tos=276,583,173,144,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700928156159&rpt=369&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
93ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53a0b3f2b0998a9e84f4460a1febea28f975f9e380a6db691862bb747ee722b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12379
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&RedC=c.clarity.ms&MXFR=08772377FE94670D2EFD30A3FA9469C5
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&MUID=02C59A31F0C4681735A889E5F1A669A3

42 B
441 B

35ms
34ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&MUID=02C59A31F0C4681735A889E5F1A669A3
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25CFECB6369D4A0FB0980353E977A2F5 Ref B: EWR311000105031 Ref C: 2023-11-25T16:02:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3080EF9966E34EC18FAFEB6968F265AE&MUID=02C59A31F0C4681735A889E5F1A669A3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 delphinium-02-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/07/ 9 KB
9 KB 188ms
187ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/07/delphinium-02-202x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 17328273c97f88a46097944232297cf19f8380e8bd862aa9025bfadfb6d325bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
last-modified: Wed, 14 Jul 2021 15:33:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8833
expires: Sat, 02 Dec 2023 16:02:37 GMT

GET
H3 200 bloomee-kuchikomi-08-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/07/ 7 KB
7 KB 186ms
185ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/07/bloomee-kuchikomi-08-202x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: 43728166135a0cad0fd8aaa69a11c2a1cc2062f8a9b0bfae35412d4aa4695fce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
last-modified: Fri, 02 Jul 2021 05:53:10 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7526
expires: Sat, 02 Dec 2023 16:02:37 GMT

GET
H3 200 flower-scissors-202x150.jpg
flower.musea.blog/wp-content/uploads/2021/06/ 5 KB
5 KB 188ms
188ms Image
image/jpeg 131.186.62.237
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flower.musea.blog/wp-content/uploads/2021/06/flower-scissors-202x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 131.186.62.237 , Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: ty10021.mixhost.jp
Software: LiteSpeed /
Resource Hash: fa04ce20aac45459d58e29df07512d216c7d62975c5995791c16a57a269ae075

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
last-modified: Wed, 23 Jun 2021 08:53:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5132
expires: Sat, 02 Dec 2023 16:02:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 16:02:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49B7 13 KB
5 KB 25ms
24ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 107275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 10:14:42 GMT
expires: Sat, 23 Nov 2024 10:14:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C75 829 B
560 B 46ms
46ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06391ad802d7c3623c631bf23580aaa98b8e819dec67411825147284f37a79e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qkQtikRKEULLoUygOZxwNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flower.musea.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qkQtikRKEULLoUygOZxwNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:02:37 GMT
expires: Sat, 25 Nov 2023 16:02:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 49B7 39 KB
15 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 05:32:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C75 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1778394183780553&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49B7 0
11 B 25ms
23ms Image
text/plain 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Kmgp0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:02:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98AE 42 B
64 B 55ms
54ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuSX64Z8Wo-PRg2St-5dbfSaAYtjmMFffLHRa5_bgAF8aEG_Du5RlQTCsdT66L5QccsMkL-CQX3JgpBLeBrx8tFuox3EphBJZTRAGTzOUX8EbB9gbweAEdLFmZ86y27uyFYtpQKKKwJz5DzsBgBLsaG8ekebuE2_yM39c0&sai=AMfl-YRoOXpEuc-aGRxgKU_ZUZZPZYKQCJ0bp9aAiyEobXz-9R_Dkpf71ezi2muLrwiMJZKtAY7yrZapqzKSTTvrCp7z-laoWnoyfIAw2aoUixdi3YFdh3b463WnFasXAJwQMiRHg_MgEPv-sjI2SIcAJA&sig=Cg0ArKJSzFyWXfPDGvG-EAE&cid=CAQSTwDICaaNfzay7M7R4BTVMtSwwyYRUwMz9Uvml6Bd_wrPQeWTio_1c3X3OA2vBrx1qBMhzKNJEsUJJevZ_FI1cM_2gfvGGpsIQxhY_5I7_D0YAQ&id=lidar2&mcvt=5305&p=-50,0,450,200&mtos=0,5305,5305,5305,5305&tos=0,5305,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700928156151&rpt=1070&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
297 B 113ms
33ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flower.musea.blog
Date: Sat, 25 Nov 2023 16:02:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 6.gif
p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 462F 35 B
490 B 300ms
39ms Image
image/gif 142.250.176.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.210 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 462F 35 B
490 B 306ms
42ms Image
image/gif 2607:f8b0:4006:80d::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2012 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 16:02:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
87ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1778394183780553&bg=!zc6lzoHNAAZxrfrxUa07ADQBe5WfODod8PcQiR4d1m1n4BdBBuT9aSUmhHzA8wbs8oP6IwEHZiP4EfyStVHEUdePd_e_AgAAMKtSAAAABWgBB5kCtTlYGDr9Djkl_qrKOhaPI_6rNGrrNTfm-8G-lxZdavj_8HVP_tMXYKcuYx7HLfWFWXuLBe_YcxPzVPc4Y8WvUi_FbSZqt5cdWxNTbEnPIZ4kamK7MP5pKaRV4Wau40yjZusaRniMduAXbQXX51sAeQ4lGBPaN8zFdftsanyIhUjx9nSGWaM8_r-yVTzPjTgSem-dNnsUisak8P85TJXaD2jKnIuKdntNs--q3OcScjo7pzrl_qQZ8y07L0YBa15y1TN3eFIdNPZy9ynrSzcqnSYQQ2xMJorI2O66dfJuSZDX2RUlqfidx7e478mavKKvncJPFco1lsdbVpXxj8ire9tdwLB4S5zQ6L75f3rW_sSUgvzul1RnF9Ue1a74gYc_SbMBdhsa_nPm7M_SjWcbyRxctYdNP-GwuJk2OZq39GiuBH7drD0TZkmkqR8f3qs4jp5ZIvE6DBmjja43CLsyh1wpJdYiv2osqkZL5G7hA8mDwF_ASpixUEJuYcImIAE6QZ_YjAhIlRXcV6Xwe0rqDwamOJxrf852mVAAD_UJNvUjApjxF7PO8FKhBjdWWMpkql7S-GZclwjrWuP3R0AQtGHht2LItMWTRoaXzWProZFF_VCEblrsPPe4cWqLz8Bvy-fOmR9npZ0QS_7RO39wOB4HMNB8-zGQzjT4U84qyY0JSIbd_kqyrqTN0__EhiKc9GJjQGn1cmNKHLXli_xmidBKsw9VYWChZhu0RslUe2o6UIwVG2mO322nXv8USV75fWHq5GnyqihxysqpZ2O0-2kXSnzQb5x5zgif2z0ByvDyoeIK6HSWwBAa3DJxAjMN4jQxYLeJzjCVo-YlVNbEDYyXrBQRtgCPf3_W0rwv6bn-EUDo1rwjAyyrrcFDGBosWpE5j0jaTFUs0QcTtSS8W9inSQtmzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://flower.musea.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
297 B 32ms
31ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flower.musea.blog/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flower.musea.blog
Date: Sat, 25 Nov 2023 16:02:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.musea.blog/	1970-01-21 02:04:48	Name: _ga_S69RZGMQ9C Value: GS1.1.1700928148.1.0.1700928148.0.0.0
www.clarity.ms/	1970-01-21 01:14:24	Name: CLID Value: 0a349e5ebdd44381b292d8722e5710e3.20231125.20241124
.musea.blog/	1970-01-21 02:04:48	Name: _ga Value: GA1.2.1250876267.1700928148
.musea.blog/	1970-01-20 16:30:14	Name: _gid Value: GA1.2.1197384349.1700928149
.musea.blog/	1970-01-20 16:28:48	Name: _gat_gtag_UA_54776174_6 Value: 1
.musea.blog/	1970-01-21 01:14:24	Name: _clck Value: 18cv061%7C2%7Cfh0%7C0%7C1424
.twitter.com/	1970-01-21 02:04:48	Name: personalization_id Value: "v1_H60xb9+7XEN5+b970nW3BQ=="
.t.co/	1970-01-21 02:04:48	Name: muc_ads Value: 933c33b5-e606-4663-9136-a31e6d86d166
.musea.blog/	1970-01-21 01:50:24	Name: __gads Value: ID=09923508e3077f29:T=1700928148:RT=1700928148:S=ALNI_MaZ6EFA06JsWSsAWGlZwHXLOPL99Q
.musea.blog/	1970-01-21 01:50:24	Name: __gpi Value: UID=00000da3d26ce3b3:T=1700928148:RT=1700928148:S=ALNI_MauTA11_zrJOJQrMR5P4It3VdxIww
.musea.blog/	1970-01-20 16:30:14	Name: _clsk Value: 1i8pcr3%7C1700928149209%7C1%7C1%7Cq.clarity.ms%2Fcollect
.valuecommerce.com/	1970-01-21 02:04:48	Name: VCB Value: ZWIalQACFh1gCfkoCoIAigqCACqwhw&c=951a6265&v=2&s=0174c7e4
t.felmat.net/	1970-01-20 16:38:52	Name: AWSALBCORS Value: Pt+bxnJQtmIRFUaS6/OAd+XG3C7yGWKAl82I9Cw2ELjKHrtJTuy76qT8R867B2QPQ5sNyYIWqgX1RDy0SF6pDvFZlElf8BdC4Lg9wm1WtApIe6wKP6egjmHJJIcX
.flower.musea.blog/	1970-01-21 02:04:48	Name: _VC_PTB_ Value: ZWIamwADvsBgCfkoCoIAigqCAoYUog
.musea.blog/	1970-01-21 02:04:48	Name: _VC_PTB_ Value: ZWIamwADvsBgCfkoCoIAigqCAoYUog
.doubleclick.net/	1970-01-21 02:04:48	Name: IDE Value: AHWqTUmvSn5HU6ODMqfFgtdUZWjnYRHo5vg7YuhfpN_CCWJmsWznv-W3gfij3FU2ZcM
.doubleclick.net/	1970-01-20 16:28:51	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:38:24	Name: ar_debug Value: 1
.bing.com/	1970-01-21 01:50:24	Name: MUID Value: 02C59A31F0C4681735A889E5F1A669A3
.c.bing.com/	1970-01-20 16:38:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:50:24	Name: SRM_B Value: 02C59A31F0C4681735A889E5F1A669A3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:50:24	Name: MUID Value: 02C59A31F0C4681735A889E5F1A669A3
.c.clarity.ms/	1970-01-20 16:38:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:28:48	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://flower.musea.blog/wp-content/uploads/2021/02/great-white-shark-01.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
ajax.googleapis.com
analytics.twitter.com
b.hatena.ne.jp
c.bing.com
c.clarity.ms
dalb.valuecommerce.com
dalc.valuecommerce.com
flower.musea.blog
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
img.felmat.net
logs-01.loggly.com
p4-brznkl24je6km-w2jy4gby3uddal75-647441-i1-v6exp3.v4.metric.gstatic.com
p4-brznkl24je6km-w2jy4gby3uddal75-647441-i2-v6exp3.ds.metric.gstatic.com
p4-brznkl24je6km-w2jy4gby3uddal75-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
q.clarity.ms
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.felmat.net
tpc.googlesyndication.com
utt.impactcdn.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www11.a8.net
www25.a8.net
104.244.42.131
104.244.42.133
13.225.246.109
13.225.246.96
131.186.62.237
142.250.176.210
142.250.81.227
142.251.40.130
146.75.28.157
18.180.239.81
20.110.205.119
20.231.53.73
210.140.225.83
210.140.252.93
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2012
2607:f8b0:4006:80f::200a
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:820::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2003
2620:1ec:bdf::40
2620:1ec:c11::200
3.114.32.147
35.186.249.72
52.33.155.26
54.248.201.65
02f1496fa020d74b3ae0e55b53bef3c425b5bec3d68825e23d213db1799a6887
04af345e38956b52ed27ac354dc382bf34949ab628b3e20ac74c1455c11b92cf
04bde099a84543355dca866ad0d4270c407f522c772b9051729229d641d440d2
06391ad802d7c3623c631bf23580aaa98b8e819dec67411825147284f37a79e7
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
11806ae21437fea0750d9e9c038f9727394a04fec3eae8b43c0fc40a337adabf
11e7679b2e4af576923b7543c45a7c17bcc6b2b1b63d7ec525a3910bc57cbca8
17328273c97f88a46097944232297cf19f8380e8bd862aa9025bfadfb6d325bd
1806f7d2243e30f806be4722b2d7eff06cfe02f6d54b654d68cd243877089817
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c1d47bace37d87d5a7cd7e9579bc19c6b96b749112e3886821813aec7205552
1db3fa66b26ac787afe6dc5399817807ea778105d7255e0f1e32c0cf33904145
1ff7848d9525d5637759225d02dabbb401284a64289dd5e673fd71799478df0f
2011886abd68b0cf6244c99970e5eb590e0e77f2fb0357725b83a44a0201948f
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25bfc1202737ee0b35e00b20419b2bd01ca4ed121eec1e975faa89e41ce35849
269ddbd0fed8f4035c6d60702b287c9b152996d2f7049b4c6f2185f591a2059c
281f115fe664da62d82f25e0f1edbddd7e5df603198e4d5370d534df3461ee36
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d941472fd86faa7a8c02cdb753b69179a6e9b2314026b4a9f9df5f5f3e380b0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318b54515604914f44d0f13947a98fd7c23bd8d4ffff88193805c7b0b309edb7
355af98c2f5f7fc3d9e82b7137643ab1ba0d9aa6167702f93587d1ffad3ae49e
3b9d29f75913fc90500e7bf80cfc35c6466e8fa229285cb3661ea79ac4872849
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c8538a5f6d9915e2f08617932d5326ce87969986f1302218d7252b3903a8304
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f11545010304e770cb0205368f1c60ee5e3220c6732d73bd14f3cc0a21d28fc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
427b5288b2b520f07fe43716b70117f4a95567a8f0e375579bc5575bbc0d97f9
428ad4bae67ddaa62d92facd4318324fb5a5faed8f3c8e345fddc16f76738a25
43728166135a0cad0fd8aaa69a11c2a1cc2062f8a9b0bfae35412d4aa4695fce
457739479db31d4919446fd739eb44557682790eb6c6a817758e54d9020b6681
47fca48f5504718b5e2a76a64cf7644c55dd5e334de9715dc24f98343b094f1e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5180c07d5f2098d9e9619f40a0871cd5d7e72de030c86e60be6aa5d670464a25
53a0b3f2b0998a9e84f4460a1febea28f975f9e380a6db691862bb747ee722b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595ef67cf7253a05b186432404963e36516afcaa1a942758f07d3ebb629461e7
59bdccc33c9ccd16ddef60d8fb9db67b2e16f2e6026bc4de5d9dffa8c19401d5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6bdf48417b23f8796c388fcebb4b2175f24c4f97ed77c2cfcf68b1a3514bf121
6d2b3ac48760cd970da265c6b0995b03a437f5111edff65817f8cf2e433545e1
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
730c06246e15f1240110cd044264a3aca15995bc1892029befb1ff466589748d
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7a6db321f8a41209f79fc24dbf6e98a17f6d58fb2284be1fad44382774501c37
7c43bfdbd2e77db7a3ab257ae0b32c3768c1726101b4a5e933a7c17394ddd54b
82e184d41a4395c9a979e52185642addc3e6ffd411b47aeab14b2d5400a2f2c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84034db6a4597bd7cbbf244057dc34e3061160443e51080a7af9c92af5ee0213
84829e271f26e84e9704e240f2cb5a24e32155c5aa3b1ce4e1e4a9f22ea0f1c8
8615966c66a2619db78895fba79bafd6b27ab59dd23a0d6b1ecd73169aa54c17
870923106e205b7bae81627758e36e1ece658d0cd4297662afa80305cefd1472
8ad5cf4d033816481520a42c6a63a72bbae4a9a45c017567e9636a9737d81709
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
901a09f7d190e8adcffc5eb647c491af2ef974ddee6700ed1db5ffdb310a7c8c
9129a0579b175c70ede3914a90ef225c1e30feecb5efa9f2bb99f123dedc02fe
92850d4feb8e9a7a458246e8e4c92122bc4ad68ac48697e919fb6ac77160f420
92863dee296beb10d9d9cd8e540945ed7969f7c2855707b35cf3604886eb6ce4
92e2ad351b35e7feb444979cb0fbca909642bd9d40efd6f732897051bdb559ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b585ea42f3c74edbd6575fac6dd8da76e6750da6a629e401fc07aeb8afaa8f6
9bc3472be7627dc44213c4f5146c26b1d8b6958ed02d23718bee24d8026e7619
9dcfdf0e15f3336df3e063ee1986f836c72f625d6bca3e3d01ef863a37dc6c30
a05fae496e8af88fe1e290887b9ade7198df9a4c2a5864261b9b357f653270d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3dd0f5ad165075d154a361f04bd368f4e73974bb8dfda14a3d88a6e89182d2d
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a92274758f8933e8dc10140f1eb301649f492ff729779047067c0a64d93daff6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4a3df4d4070f3e677a2fcdd8660230a103d8f50efcce5b8b6c845b8cad5ed7
abe9ce532ebc888fdfdeb0ff76f7690e3d4d0ed00c81dbdc138e9c8d0b6c6f51
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afddb60efca2394859fa6b1222aa4805b6047203a6fc8e1548fb613bc1023d01
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b3d48876b4c852a9c80e3c72060aa1d0118f23e7dc05750036fd13835b4c204d
b461eebb997785b070e5e4c022ede651c23ad7ffb4c9d37cce095f057d496fda
bb1e5803b4e26f58f821e0051b84bba3d254f0df3f9bceebc113e9d00ddeb556
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bd4420c3029524efce3cc09d4344d2eac8f057ad0e6b70250092d31e25eb9bf8
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
c2625bf77198a90dd1fc6ca19dde1cb3987c71cb51134a42262dadcdd0129fe8
c5d0b40361c4f499d28bba467b810881d66071cd8465dd7bd9002f06882f8298
c5ec652234b25125fbfdaa6be75931a3646eb1a75e682913371115146ae62f49
c63010684c3c71ff5b9030c98f48d3fd6443ecf4d4f7c4dba5d4d8dd3ede96c1
caf7e2ebbc0ff51a1cd12a8981325d32b2beb604370c246b6748520d4d051faf
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d156f1b711fe4ee8d79db77d0e5ba92c3fc2b7cf49bdf2faf3063e03cd14f93a
d4326226493e6b2733f8db8a1e75f6a8b32a6c3d604b9e51cec0bac90b5d6bc0
d9fb29e52e53cf4f7ee276bce1fb995a091903d097513b4dd348059066d967ed
dbee6865c60d4f2849f833a6764541d182b5d51ae89a2190b8c8182beb23d34b
dcc993ad60af17171adfbc1ecf2761d600b1924f00a450a39d249c73906d2a53
de05958503b96413b9aa257ac48c72bc62394f5759c638b97f306d005e711b53
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4973dc2126a861a9d27a33715c3e3e3f5f35c23d72855f66082366c92999213
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e5a3ba1f194a04933e577e30f83fe45ac3a1866831fe9c8bb31de11e26818378
e5eb93d25eed29b759b87fddc85c70e89e617d2e00a918d2880bdc93dc7f5cca
e6c87133c385a49e78d14b288ccd3ee5499634db62b97958bdedccd4af20b87d
eb1086dd63c815d80a83864c0f9b0f498e7236348c94b19b1b0ef64cf5262ab1
ed17459f5bcac54d496e88b23d0c05be5f1224c669692e1d1997550b3ebee922
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab575722d70be42868d635b6c3578f71acfb776193acb07147b2ae3593d35f
f1d945d61d7e726c6fa361cfdeb75cd71eaeaffc748d48357ad80569603a581e
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa04ce20aac45459d58e29df07512d216c7d62975c5995791c16a57a269ae075
ff5d12f001667e0f4b722be8b2c85c51b4883e227b32663fd655eab671529bfd

flower.musea.blog Open in urlscan Pro 131.186.62.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

187 Requests

96 %HTTPS

45 %IPv6

22 Domains

35 Subdomains

33 IPs

2 Countries

2725 kBTransfer

6555 kBSize

25 Cookies

16 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flower.musea.blog Open in urlscan Pro
131.186.62.237 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

96 %
HTTPS

45 %
IPv6

22
Domains

35
Subdomains

33
IPs

2
Countries

2725 kB
Transfer

6555 kB
Size

25
Cookies

187 HTTP transactions
11 data transactions