www.q2saloon.com Open in urlscan Pro
2001:4860:4802:32::15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://q2saloon.com/
Effective URL:
https://www.q2saloon.com/
Submission: On September 27 via manual (September 27th 2024, 6:42:30 pm UTC) from CA — Scanned from CA

Summary HTTP 49 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 7 domains to perform 49 HTTP transactions. The main IP is 2001:4860:4802:32::15, located in United States and belongs to GOOGLE, US. The main domain is www.q2saloon.com.
TLS certificate: Issued by WR3 on August 22nd 2024. Valid for: 3 months.

This is the only time www.q2saloon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
9	142.250.123.94 142.250.123.94	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:1415::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:1413::61	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:402... 2607:f8b0:4023:1401::8a	15169 (GOOGLE) (GOOGLE)
1	142.251.182.105 142.251.182.105	15169 (GOOGLE) (GOOGLE)
5	142.251.166.94 142.251.166.94	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:1402::64	15169 (GOOGLE) (GOOGLE)
1	142.251.178.138 142.251.178.138	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.112.100 142.250.112.100	15169 (GOOGLE) (GOOGLE)
1	142.251.4.132 142.251.4.132	15169 (GOOGLE) (GOOGLE)
49	15

1 2001:4860:4802:36::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

q2saloon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

www.q2saloon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.123.94 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1415::65 (Columbus, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1413::61 (Columbus, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1401::8a (Columbus, United States) 1 redirects

ASN15169 (GOOGLE, US)

maps-api-ssl.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.182.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: go-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.166.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: gl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1402::64 (Columbus, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.178.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: yucmhab-in-f138.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.112.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: ga-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.4.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f132.1e100.net

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 214 lh4.googleusercontent.com — Cisco Umbrella Rank: 926 lh3.googleusercontent.com — Cisco Umbrella Rank: 59 lh6.googleusercontent.com — Cisco Umbrella Rank: 944	4 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	1022 KB
8	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 135 maps-api-ssl.google.com — Cisco Umbrella Rank: 45952 www.google.com — Cisco Umbrella Rank: 3 play.google.com — Cisco Umbrella Rank: 21 drive.google.com — Cisco Umbrella Rank: 316	117 KB
4	q2saloon.com 1 redirects q2saloon.com www.q2saloon.com	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	168 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
49	7

	Domain	Requested by
9	www.gstatic.com	www.q2saloon.com www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com
5	lh3.googleusercontent.com	www.q2saloon.com
4	lh4.googleusercontent.com	www.q2saloon.com
4	lh5.googleusercontent.com	www.q2saloon.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	lh6.googleusercontent.com	www.q2saloon.com
3	apis.google.com	www.q2saloon.com apis.google.com
3	www.q2saloon.com	www.gstatic.com
2	play.google.com	www.gstatic.com
2	www.googletagmanager.com	www.q2saloon.com www.googletagmanager.com
2	fonts.googleapis.com	www.q2saloon.com
1	drive.google.com	www.gstatic.com
1	www.google.com	www.q2saloon.com
1	maps-api-ssl.google.com	1 redirects
1	q2saloon.com	1 redirects
49	16

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.youtube.com

Subject Issuer	Validity	Valid
www.q2saloon.com WR3	`2024-08-22` - `2024-11-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.apis.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.q2saloon.com/
Frame ID: EEFE80D60B05758CB4A5419B82B54CE1
Requests: 44 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Frame ID: D706DF78664E395EB50E1BC82F04E44F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m12!1m8!1m3!1d3989.8012595121158!2d-78.475655!3d-0.16698!3m2!1i1024!2i768!4f13.1!2m1!1s-0.167055,-78.475547!6i17!3m1!1sen-US!5m1!1sen-US
Frame ID: 77AE7C4FCEE5EE300E42A7F69CDAA21C
Requests: 1 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 9A4B3B34AE3AB01DC523ED86AC24B66C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio

Page URL History Show full URLs

http://q2saloon.com/ HTTP 307
https://q2saloon.com/ HTTP 307
http://q2saloon.com/ HTTP 301
http://www.q2saloon.com/ HTTP 307
https://www.q2saloon.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

49
Requests

96 %
HTTPS

63 %
IPv6

7
Domains

16
Subdomains

15
IPs

1
Countries

5693 kB
Transfer

9070 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/url?q=https%3A%2F%2Fapi.whatsapp.com%2Fsend%3Fphone%3D593995393656&sa=D&sntz=1&usg=AOvVaw2MAzA60HBQdvSXgj8XVok1

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fapi.whatsapp.com%2Fsend%3Fphone%3D593997929809&sa=D&sntz=1&usg=AOvVaw2UGnMjxfm_O0UO_31Og9bY

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.facebook.com%2Fq2saloonautos%2F&sa=D&sntz=1&usg=AOvVaw1TVXi8sqsYtA7C6CBm-2Yn

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.instagram.com%2Fq2saloonautos%2F&sa=D&sntz=1&usg=AOvVaw1-5fq4lzjK592l6RUomsjk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdUJL8k4oklT3aYGzAlbaOg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://q2saloon.com/ HTTP 307
https://q2saloon.com/ HTTP 307
http://q2saloon.com/ HTTP 301
http://www.q2saloon.com/ HTTP 307
https://www.q2saloon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://maps-api-ssl.google.com/maps?hl=en-US&ll=-0.16698,-78.475655&output=embed&q=-0.167055,-78.475547+(Untitled+Location)&z=17 HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m12!1m8!1m3!1d3989.8012595121158!2d-78.475655!3d-0.16698!3m2!1i1024!2i768!4f13.1!2m1!1s-0.167055,-78.475547!6i17!3m1!1sen-US!5m1!1sen-US

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.q2saloon.com/
Redirect Chain

http://q2saloon.com/
https://q2saloon.com/
http://q2saloon.com/
http://www.q2saloon.com/
https://www.q2saloon.com/

110 KB
19 KB

232ms
163ms

Document
text/html

2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66ae2bc836accaabba3833aa9d93320272267b9ada3176648801c6df851e83f5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-8Q8MmbH9KOYywr1iJjLjRg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-8Q8MmbH9KOYywr1iJjLjRg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Fri, 27 Sep 2024 18:42:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: default="/web-reports?jobset=prod&bl=editors.sites-viewer-frontend_20240917.02_p1&clss=1&context=eJwNyH9I1Hccx_EPn3u_zzqbLReNrBxKK5adnm7D09Sb9-0sZT-vsc8Xw5Sd53Y6rjrtTP9R50SouY2xwKLmeda6spsmOS2CfmywWQiTETUKsv2ipSOuvLxr426vPx484WmaTRlYokQ4VYm3VyrxLlx6XglrnxLbYcUXSmRBol-JtMNKUFCJlVA6poR5HIWGH5Xww70pJSLgnlZiH_z0sxK3QN1V4gP4fl6JX-DoghJnYCCuxAh4Ekq0wa7VuvDCv2t0kbpWFwvrdEGZuti3Xhc94HLoohlaoRdW1eliA3h8umiD4pybIgHGzTdFJjxXE5FrwPlhRFaD7bdHchtszIvKPOixRGUfWDqj0goPu6JyEdqaFmUXTJXE5AxcLI3JH-CJOyYTcPJATI7A-9fishH6nQkZAK9ISj_E1ialWJeUC_uT8j9wtidlNezskwYXvGUwGBQ4_zQYqmH_w2LqhLzoFioE2V9CJjh_poSuQPrLZZQBH9eX0QHIZhttgsoiG70DxVM2skOkqpzi0P1POR2EQ_12OgaTw3a6DKVhOzng0B6NjoHLr1ETTHdqdAPyuzUqBzmqkQlOjWl0Foq-w4fQDY1GoWdOoz5wRDR6A7xZW8kPmxq3UgEs5jgoCdZGB70GL-51kBk--ctBn4K1toI66iqoF776bBsdhxBMwpdfb6cj8Ht6Jc1BR3sl9cKdlCr6AzaYqigXWncMcAfcmhjgWTC7A_wqbBwKcB7MPA7wr_A0FmAZh-lBNkEiMcjG5CDPpgf5PiwtC_IKsNQE2QopviFeDsnHQ3z6o-M8BrOZJ_g-7Dh3gre8_g1rsPqFEGdBcVeI7ZAxHuJscD44zdWwF9rg1JvDfBbu1Q_z33CEwhyEwpww26CsKcwVcO5kmC9C1mSYX4KR82GeAJ_rW26HfNsDLoLumjk-CLptnutg59V5dkHD3UX2Q5qealwFo8ufMU7CrutpxvRlSz6P354wPjt6YWbckEHvedyt2Zvd9Z6W3b7m3GZPi7vZ7Mdz-8wNvt3eFre3vrbAUvCKpSi_MNdSULsn_3-6rIH2&build-label=editors.sites-viewer-frontend_20240917.02_p1&imp-sid=CPLyq7rj44gDFT14qwId9r8ufw&is-cached-offline=false"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

Location: https://www.q2saloon.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 126ms
65ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand%3A300%2C400%2C700%7CSource%20Sans%20Pro%3A400%2C400italic%2C600%2C700%2C700italic&display=swap

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b668e4896ab0ae90fdb32f2cc5bf58a44911c55218ca0683d2702cb434db8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 18:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 27 Sep 2024 17:48:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 33 KB
3 KB 110ms
49ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

510b4c83be4f15e9a66da3c33c162439cbf4ea0a5917e8964eb7284e5c4eefd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 18:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 27 Sep 2024 17:19:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 rs=AGEqA5mg7IdZiiAGR2tOr8ugtdeAHYvDtA
www.gstatic.com/_/atari/_/ss/k=atari.vw.OXzcyVEqm8M.L.W.O/am=UDAAAQ/d=1/ 1 MB
162 KB 82ms
39ms Stylesheet
text/css 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.OXzcyVEqm8M.L.W.O/am=UDAAAQ/d=1/rs=AGEqA5mg7IdZiiAGR2tOr8ugtdeAHYvDtA

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

8d16f55c9b9393e369cd1835d9ed1b7e5fc6fad2e9e33249ab8b32b3375d9e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 288639
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:31:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:31:45 GMT
last-modified: Mon, 23 Sep 2024 08:35:10 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 165378
x-xss-protection: 0
server: sffe

GET
H2 200 client.js Show response
apis.google.com/js/ 14 KB
6 KB 146ms
41ms Script
text/javascript 2607:f8b0:4023:1415::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1415::65 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a2cb6470f078f96154652460b3ff33d4dc970e9bc0ae50993067e4e63ee4e3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
etag: "8029ef7718131656"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 18:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5823
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 154ms
65ms Script
application/javascript 2607:f8b0:4023:1413::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-163844415-1

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::61 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88a64d7ef6762f3ddc32b7b330e114dc95069b31d1f50ff2a08aaaab5531a1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Sep 2024 18:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78589
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 3alNV-Y4KKpsf46EHeBjXMVN0K6csQaPYWXwjdMUcHH6en-WQ5taUSPnBgtkQcOi38lbDQ=w16383
lh5.googleusercontent.com/ 5 KB
5 KB 209ms
132ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/3alNV-Y4KKpsf46EHeBjXMVN0K6csQaPYWXwjdMUcHH6en-WQ5taUSPnBgtkQcOi38lbDQ=w16383

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

809634cfd04a9d008223feb5121e5cba328d6bcf2a60d8c4d539a7bcec2de350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4857
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 ZMslfHtxL_susVMJGF5rpTDTrfx2YWXYRPgHy6vX2e2xvMNebyrXDgXBY9E3AC1OG0MiwMWipSRtF4TEfYOOuVjWZlLPNnJfB9FBgJGWdYUgnty6=w1280
lh4.googleusercontent.com/ 29 KB
30 KB 186ms
106ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/ZMslfHtxL_susVMJGF5rpTDTrfx2YWXYRPgHy6vX2e2xvMNebyrXDgXBY9E3AC1OG0MiwMWipSRtF4TEfYOOuVjWZlLPNnJfB9FBgJGWdYUgnty6=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3538ef98711c002bc0210f0d0b89588ea60d0dc7578d69b8c58732181b14ccf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29964
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 iMDrr34VGU9xU5SvZOpPOqmvTetSYReNopimX1_xgN-LrbKtGT_WV1lnMZnsV_epzBoyX733SglSCMttlJDw0umeiuFPNWAHSjikFJ8_1YGx_UAL=w1280
lh3.googleusercontent.com/ 8 KB
8 KB 179ms
166ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/iMDrr34VGU9xU5SvZOpPOqmvTetSYReNopimX1_xgN-LrbKtGT_WV1lnMZnsV_epzBoyX733SglSCMttlJDw0umeiuFPNWAHSjikFJ8_1YGx_UAL=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99a233c7920379b7b7db775234b47dbaebf48d3331e9e51377bc58a4f82974d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7883
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 D6_ghSvvZEGFc-vR8i52JLqdl4xLcg8YO_dSfu2l7CfgG30_1ZZvMhFTFfocY6LklLG2nrE3Efhl8jb0s9v-fcqklma1G-mqPO0nHVXa2n7n5Paa=w1280
lh3.googleusercontent.com/ 8 KB
8 KB 202ms
189ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/D6_ghSvvZEGFc-vR8i52JLqdl4xLcg8YO_dSfu2l7CfgG30_1ZZvMhFTFfocY6LklLG2nrE3Efhl8jb0s9v-fcqklma1G-mqPO0nHVXa2n7n5Paa=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a1912dbc785b3f198d55ebd6bd3deb156c5b3e6e074746b996be2123168d15b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8061
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 hAYX3QDq7GlYNAv7L1qADnwTL8pJ5SEwUCh98KCgs7TcgjxSw6f5g_Xff3S0H7ZMqo2dXjEZBVxBIcPCnHAvJVVQoLkb8BmWjEQLOLvEPtM7-r1T=w1280
lh4.googleusercontent.com/ 89 KB
89 KB 127ms
121ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/hAYX3QDq7GlYNAv7L1qADnwTL8pJ5SEwUCh98KCgs7TcgjxSw6f5g_Xff3S0H7ZMqo2dXjEZBVxBIcPCnHAvJVVQoLkb8BmWjEQLOLvEPtM7-r1T=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da0dfe0bdaa69b85c4dc5d5e20a27194dbcca8d289912354408b9628f5cbc2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91431
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 v5ybJETPcofszURS5Unt8GvAHSjkSBzTV4OXOajJWNcNRklIydJNbUVaHBye6H9lbwiqs801T6RRJOL5jdFo4zixM05OjijF6NMemE7KQlw8jMXw=w1280
lh4.googleusercontent.com/ 27 KB
27 KB 141ms
136ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/v5ybJETPcofszURS5Unt8GvAHSjkSBzTV4OXOajJWNcNRklIydJNbUVaHBye6H9lbwiqs801T6RRJOL5jdFo4zixM05OjijF6NMemE7KQlw8jMXw=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e657e7845ee63baba1df5033abfac2f9dda65a96043b79f3d317ea6f70d4951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27316
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 tsvzCVFnU5d0hKzwQFArxGA671BPObnA-_-fec6VGhKxWY2ZjIl50MNXB9ElXoCGdDw_C2FOxpCb3nCcbs_-V0TGwRG_wpTE3ToeC3_Evt7pbqnr=w1280
lh5.googleusercontent.com/ 54 KB
54 KB 164ms
159ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/tsvzCVFnU5d0hKzwQFArxGA671BPObnA-_-fec6VGhKxWY2ZjIl50MNXB9ElXoCGdDw_C2FOxpCb3nCcbs_-V0TGwRG_wpTE3ToeC3_Evt7pbqnr=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

821657b864df6f0bed77be396ccd49fb0f886e98098f97d7670691a250ab45dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54915
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 0dzucVJ93vOOPmLmGoK_3j17KDqek-kcc0n5BMp3qS3JhxvCyNu26W13fHXTf80Bk5nLUX5NTl0LI4W1SCTzM1djn9lFQS65kXLJ7rjPWgPkwJ05=w1280
lh6.googleusercontent.com/ 33 KB
33 KB 191ms
174ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/0dzucVJ93vOOPmLmGoK_3j17KDqek-kcc0n5BMp3qS3JhxvCyNu26W13fHXTf80Bk5nLUX5NTl0LI4W1SCTzM1djn9lFQS65kXLJ7rjPWgPkwJ05=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

864cd3e9f4460a965d5fb5d21defe20ce9ac1763b29851503b394122534ff0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33672
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 ON9dXGUBuN3sP2Wl4TYZlsXjfEFWmdsb6qIykHMK1D0WYVxUu2l-9BbijMhLm-mP_UMUTRm5_BAuVv2Gnznsw2pIRixQGzXpmToVnh2TMZC1Ssn1=w1280
lh6.googleusercontent.com/ 84 KB
84 KB 135ms
118ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/ON9dXGUBuN3sP2Wl4TYZlsXjfEFWmdsb6qIykHMK1D0WYVxUu2l-9BbijMhLm-mP_UMUTRm5_BAuVv2Gnznsw2pIRixQGzXpmToVnh2TMZC1Ssn1=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

665a0bf4931a31fc5cb8bc7f4c3065bb67abe783df35766e6362ad0e7dcbe544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86366
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 03eFvXnPF7MV0vvxn0qw1TosNSVb49ed1JBR5JYu2aqE5Hb4DxtYvhgyQv7JbY5-II1-NC4nMPQdABxt8iBd0HxZsbORd2xf5WOJfuronPhWVYGE=w1280
lh3.googleusercontent.com/ 63 KB
63 KB 203ms
193ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/03eFvXnPF7MV0vvxn0qw1TosNSVb49ed1JBR5JYu2aqE5Hb4DxtYvhgyQv7JbY5-II1-NC4nMPQdABxt8iBd0HxZsbORd2xf5WOJfuronPhWVYGE=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6948c76d1d9e33f5271054185662954d04f9a9f72a4e98bc80cd18d70e23ae3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64207
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 Z-2eLdGNkIWtNXt1wx3r3RIFj8Tz2bJ_zCSRUFyoN4OJpjRdXil1tb6YEDU62GX8bgSxBOQ0WO_U4DwVZvVKTe21porwX92ug2KYWeIoqAfFGb_p=w1280
lh6.googleusercontent.com/ 4 KB
4 KB 126ms
111ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/Z-2eLdGNkIWtNXt1wx3r3RIFj8Tz2bJ_zCSRUFyoN4OJpjRdXil1tb6YEDU62GX8bgSxBOQ0WO_U4DwVZvVKTe21porwX92ug2KYWeIoqAfFGb_p=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8185c469ff58e0f69bee571190b8abca3f2fac9713cc8add0f3045e6792252da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3663
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H2 200 lFPCiuhnM_iG1X9Z3lcsqfh4Cpiyt1G3uPC-Raw9btDuZAka-DU18s46Aj-RngpFF9Lrg29Bje30W6UfE9_SY7rAEZkEEemxnxgka7EywjRQnw0O=w1280
lh5.googleusercontent.com/ 5 KB
5 KB 132ms
129ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/lFPCiuhnM_iG1X9Z3lcsqfh4Cpiyt1G3uPC-Raw9btDuZAka-DU18s46Aj-RngpFF9Lrg29Bje30W6UfE9_SY7rAEZkEEemxnxgka7EywjRQnw0O=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ba89c1ceef4e2d4b9a039b8cbdb32952518f91f3770d66f0aca46ea10e538a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4989
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 dgCfrTg_iEurA7ryCU1aN9x8t5vASppJdi5cCcYMDlOutdspGj96ez6T9jN1NT7oN8gjVaOHG7YW5PGOhB75q_XahGyVpzkkEt2FWkXqYjrnQb0A=w1280
lh5.googleusercontent.com/ 10 KB
10 KB 155ms
152ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/dgCfrTg_iEurA7ryCU1aN9x8t5vASppJdi5cCcYMDlOutdspGj96ez6T9jN1NT7oN8gjVaOHG7YW5PGOhB75q_XahGyVpzkkEt2FWkXqYjrnQb0A=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5d62d366ad17c88e5c2b3b10e951ac26ca0279c7ce0b70a82f79e515e0bd85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10416
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H2 200 YBpk6J37B3urPc2ATm6QXcyW4eAfWp-kT-_dWKJUzGgl5tuvN7nMRaDF5MPAYDK0YvO5E82jF6red6QxqGCe3zO7YacN-GsCx2Vog2DGJEuEMDBw=w1280
lh3.googleusercontent.com/ 6 KB
6 KB 196ms
188ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YBpk6J37B3urPc2ATm6QXcyW4eAfWp-kT-_dWKJUzGgl5tuvN7nMRaDF5MPAYDK0YvO5E82jF6red6QxqGCe3zO7YacN-GsCx2Vog2DGJEuEMDBw=w1280

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7070d0f3db6a6259c5e3ac151035cf8345b369fa57b356692f0c0620fe256782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5790
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

GET
H3 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 659 KB
221 KB 42ms
39ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

ffa8213137e3cfca3c5e1bd07c37fdb63852674f3f9e1362b18b56af7c73119d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 288118
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:40:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:40:26 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 226494
x-xss-protection: 0
server: sffe

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.2ttuSS2XBQ8.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-TYe36ShA0ds8KrukIhF82BwaKlg/ 322 KB
110 KB 42ms
40ms Script
text/javascript 2607:f8b0:4023:1415::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.2ttuSS2XBQ8.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-TYe36ShA0ds8KrukIhF82BwaKlg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1415::65 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

391f01bd4c7990a2f8ea8584d5f4cd4a2aa39ce1526cac75d40441ad4be7bc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 86610
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 18:38:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 18:38:54 GMT
last-modified: Fri, 06 Sep 2024 22:15:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112541
x-xss-protection: 0
server: sffe

GET
H2 200 2d2KYbaAdVkeB2X8O3kaiatAYSwXnSzPoxXUVRQUToDfDUKxiQiXSpHfXL87EEjKxJWaYg=w16383
lh3.googleusercontent.com/ 4 MB
4 MB 201ms
200ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2d2KYbaAdVkeB2X8O3kaiatAYSwXnSzPoxXUVRQUToDfDUKxiQiXSpHfXL87EEjKxJWaYg=w16383

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dcfb9b7032baee60f4d822d6647c4e986d573ea2f3ddf073691f3158112d7aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4007455
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.jpg"

GET
H3 200 intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame D706 0
0 77ms
41ms Document
text/html 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.q2saloon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Sep 2024 16:43:29 GMT
expires: Sat, 27 Sep 2025 16:43:29 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

embed
www.google.com/maps/ Frame 77AE
Redirect Chain

https://maps-api-ssl.google.com/maps?hl=en-US&ll=-0.16698,-78.475655&output=embed&q=-0.167055,-78.475547+(Untitled+Location)&z=17
https://www.google.com/maps/embed?origin=mfe&pb=!1m12!1m8!1m3!1d3989.8012595121158!2d-78.475655!3d-0.16698!3m2!1i1024!2i768!4f13.1!2m1!1s-0.167055,-78.475547!6i17!3m1!1sen-US!5m1!1sen-US

0
0

426ms
341ms

Document
text/html

142.251.182.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m12!1m8!1m3!1d3989.8012595121158!2d-78.475655!3d-0.16698!3m2!1i1024!2i768!4f13.1!2m1!1s-0.167055,-78.475547!6i17!3m1!1sen-US!5m1!1sen-US

Requested by

Host: www.q2saloon.com
URL: https://www.q2saloon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.182.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

go-in-f105.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-6UsXu92cvW9uGO0JtbjZBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.q2saloon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 925
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6UsXu92cvW9uGO0JtbjZBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 27 Sep 2024 18:42:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 27 Sep 2024 18:42:24 GMT
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m12!1m8!1m3!1d3989.8012595121158!2d-78.475655!3d-0.16698!3m2!1i1024!2i768!4f13.1!2m1!1s-0.167055,-78.475547!6i17!3m1!1sen-US!5m1!1sen-US
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 91ms
38ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.q2saloon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 188595
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 14:19:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 14:19:09 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ 33 KB
33 KB 106ms
54ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.q2saloon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 221035
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 05:18:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 05:18:29 GMT
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34184
x-xss-protection: 0
server: sffe

GET
H3 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
27 KB 133ms
81ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A300%2C400%2C700%7CSource%20Sans%20Pro%3A400%2C400italic%2C600%2C700%2C700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.q2saloon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 206213
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 09:25:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 09:25:31 GMT
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28064
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 124ms
72ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A300%2C400%2C700%7CSource%20Sans%20Pro%3A400%2C400italic%2C600%2C700%2C700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.q2saloon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 194035
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 12:48:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 12:48:29 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 94ms
43ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A300%2C400%2C700%7CSource%20Sans%20Pro%3A400%2C400italic%2C600%2C700%2C700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.q2saloon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 182079
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 16:07:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 16:07:45 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy1j,sy1l,sy1m,sy1k,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 37 KB
12 KB 40ms
40ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=sy1j,sy1l,sy1m,sy1k,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

d4750239578c9a04f0589b8ec8a445ec2f289f39e8540c919161808bbea6f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 288012
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:42:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:42:12 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 12674
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy39,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 844 B
520 B 40ms
39ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=sy39,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

0e01dec1e8240206d6cde850ccd7dade2f1ccb96671224b777f760609314f6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 288012
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:42:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:42:12 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 494
x-xss-protection: 0
server: sffe

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy16,X85Uvc,sy3a,abQiW,W26a5e,hJUyqe,sy18,sy1a,sy1d,sy1f,sy19,sy1b,sy1c,sy1e,fuVYe,sy12,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy17,qkPXAf,qEW... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 1 MB
441 KB 39ms
39ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy16,X85Uvc,sy3a,abQiW,W26a5e,hJUyqe,sy18,sy1a,sy1d,sy1f,sy19,sy1b,sy1c,sy1e,fuVYe,sy12,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy17,qkPXAf,qEW1W,oNFsLb,sy46,yxTchf,sy47,sy48,xQtZb,yf2Bs,sy3,sya,yyxWAc,qddgKe,sy3c,SM1lmd,sy9,sy8,sy13,RRzQxe,zZvHmd,sy2,syl,sym,syc,sy2k,sy4,syb,fNFZH,sy3b,syn,RrXLpc,cgRV2c,sy15,sy24,o1L5Wb,X4BaPc,syg,Md9ENb,sy1p,sy1q,sy1r,syr,sy1o,sys,sy1n,sy1u,sy21,sy22,sy23,Ko0sOe,sy11,sy1v,sy1y,sy27,syp,sy14,sy1g,sy1h,NlqxW,sy1s,sy1x,sy1z,sy1w,sy26,syu,sy1t,sy25,sy2b,sy2d,sy2g,sy2h,sy2i,sy2j,sy29,sy2c,sy2n,sy2u,sy20,sy28,sy2f,syq,sy2a,sy2l,sy2m,sy2r,sy2s,sy2t,sy2v,syz,sy2w,G5ZZUb,sy2e,zmwrxd,sy2o,sy2p,sy2q,oy3iwb,dBhIIb,sy2x,sy2y,Fodr0b,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,t1DRgd,sy2z,sy30,sy31,sy32,UYjpC,vVEdxc,sy5,VYKRW,sy1i,CG0Qwb,RZ9OZ,N0NZx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

88d6e6fe6e1f92395d3054dcfda11b879685cef77c34a055c452fe70add4fbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 281268
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 12:34:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 12:34:36 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 451081
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy35,IZT63,vfuNJf,sy3u,sy3y,sy40,sy49,sy4a,sy4b,siKnQd,sy3s,sy3z,sy41,sy36,YNjGDd,sy42,PrPYRd,iFQyKf,hc6Ubd,sy4c,SpsfSb,sy3v,sy3x,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 29 KB
11 KB 58ms
58ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=sy35,IZT63,vfuNJf,sy3u,sy3y,sy40,sy49,sy4a,sy4b,siKnQd,sy3s,sy3z,sy41,sy36,YNjGDd,sy42,PrPYRd,iFQyKf,hc6Ubd,sy4c,SpsfSb,sy3v,sy3x,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

b482b6b9f62481b272c44d0a71662f876af8bf3fbd401e0f544a81031826e8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 287545
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:49:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:49:59 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 10874
x-xss-protection: 0
server: sffe

GET
H3 200 m=NTMZac,m9oV,sye,syj,Ae65rd,rCcCxc,RAnnUd,CuaHnc,sy10,sy34,gJzDyc,sy3d,uu7UOe,sy3e,soHxf,sy3f,uY3Nvd,mxS5xe,syx,syw,HYv29e Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/ 86 KB
28 KB 39ms
38ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=NTMZac,m9oV,sye,syj,Ae65rd,rCcCxc,RAnnUd,CuaHnc,sy10,sy34,gJzDyc,sy3d,uu7UOe,sy3e,soHxf,sy3f,uY3Nvd,mxS5xe,syx,syw,HYv29e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

1c1d3fb3813a0e891fb210d229c4daebe13b13693143de0d8cec8a96e004a046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 288012
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 10:42:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:42:12 GMT
last-modified: Tue, 17 Sep 2024 11:20:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 28660
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 71ms
69ms Script
application/javascript 2607:f8b0:4023:1413::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2DC1Q2S2EE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163844415-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::61 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a230a4fe353ecebd422ddc4244d9ceff98017093a24ac12b9b65a955f18044d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Sep 2024 18:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92143
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
26ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163844415-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 2180
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 20:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 130ms
38ms Preflight
text/plain 2607:f8b0:4023:1402::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::64 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.q2saloon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 27 Sep 2024 18:42:24 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.q2saloon.com/_/view/ 16 B
221 B 58ms
55ms XHR
application/json 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.q2saloon.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://www.q2saloon.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: same-site
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Sep 2024 18:42:24 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
420 B 46ms
44ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=880969879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.q2saloon.com%2F&ul=en-ca&de=UTF-8&dt=Inicio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1112018920&gjid=1375995465&cid=2001047504.1727462545&tid=UA-163844415-1&_gid=140442287.1727462545&_r=1&gtm=457e49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&did=dZWRiYj&gdid=dZWRiYj&jsscut=1&z=332719218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.q2saloon.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.q2saloon.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 120 KB
39 KB 38ms
38ms Script
text/javascript 142.250.123.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=0/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy16,X85Uvc,sy3a,abQiW,W26a5e,hJUyqe,sy18,sy1a,sy1d,sy1f,sy19,sy1b,sy1c,sy1e,fuVYe,sy12,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy17,qkPXAf,qEW1W,oNFsLb,sy46,yxTchf,sy47,sy48,xQtZb,yf2Bs,sy3,sya,yyxWAc,qddgKe,sy3c,SM1lmd,sy9,sy8,sy13,RRzQxe,zZvHmd,sy2,syl,sym,syc,sy2k,sy4,syb,fNFZH,sy3b,syn,RrXLpc,cgRV2c,sy15,sy24,o1L5Wb,X4BaPc,syg,Md9ENb,sy1p,sy1q,sy1r,syr,sy1o,sys,sy1n,sy1u,sy21,sy22,sy23,Ko0sOe,sy11,sy1v,sy1y,sy27,syp,sy14,sy1g,sy1h,NlqxW,sy1s,sy1x,sy1z,sy1w,sy26,syu,sy1t,sy25,sy2b,sy2d,sy2g,sy2h,sy2i,sy2j,sy29,sy2c,sy2n,sy2u,sy20,sy28,sy2f,syq,sy2a,sy2l,sy2m,sy2r,sy2s,sy2t,sy2v,syz,sy2w,G5ZZUb,sy2e,zmwrxd,sy2o,sy2p,sy2q,oy3iwb,dBhIIb,sy2x,sy2y,Fodr0b,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,t1DRgd,sy2z,sy30,sy31,sy32,UYjpC,vVEdxc,sy5,VYKRW,sy1i,CG0Qwb,RZ9OZ,N0NZx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.123.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f94.1e100.net

Software

sffe /

Resource Hash

e643fad6c7da22675e44a57b206c5d7cc0e2528cefae6cb8858d128dcd98a5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 777
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 19:19:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:29:27 GMT
last-modified: Thu, 26 Sep 2024 17:26:02 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
accept-ranges: bytes
content-length: 39701
x-xss-protection: 0
server: sffe

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.2ttuSS2XBQ8.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-TYe36ShA0ds8KrukIhF82BwaKlg/ 261 B
207 B 40ms
40ms Script
text/javascript 142.251.178.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.2ttuSS2XBQ8.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-TYe36ShA0ds8KrukIhF82BwaKlg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.178.138 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yucmhab-in-f138.1e100.net

Software

sffe /

Resource Hash

1d47a66ccdfc86a81a213a021dfebb52b8b1e45da9c8a8e006b0dc903713b7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

content-encoding: gzip
age: 81015
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 20:12:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 20:12:09 GMT
last-modified: Fri, 06 Sep 2024 22:15:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180
x-xss-protection: 0
server: sffe

GET
H2 200 auth_warmup
drive.google.com/ Frame 9A4B 0
0 118ms
49ms Document
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-3d0ebtiU_gNkRQYIBAlMjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.q2saloon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-3d0ebtiU_gNkRQYIBAlMjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 27 Sep 2024 18:42:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmJw1JBicEqfwRoCxEsiLrIeSbzIKsTDMeHn7e1sAi86Ft5jUlJNyi-MTynKLEvNKCkpSCzILE4tKkstijcyMDIxsDS01DMwii8wAAAJTRrD"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 54ms
54ms Fetch
text/plain 142.250.112.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2DC1Q2S2EE&gtm=45je49p0v9109661667za200&_p=1727462544153&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&cid=2001047504.1727462545&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1727462544&sct=1&seg=0&dl=https%3A%2F%2Fwww.q2saloon.com%2F&dt=Inicio&en=page_view&_fv=1&_ss=1&tfd=1236
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2DC1Q2S2EE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.112.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ga-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.q2saloon.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 18:42:24 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 f3R5OeeO3Xf-Mdx2vqa9qcG3i31FnOVu1SDNDOsRLBCNgA8j9lv4l1qi4bA32JLSGkWPmUwuUepyFWqj3khZeC0Ou8O5
lh4.googleusercontent.com/ 2 KB
2 KB 120ms
120ms Other
image/png 142.251.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh4.googleusercontent.com/f3R5OeeO3Xf-Mdx2vqa9qcG3i31FnOVu1SDNDOsRLBCNgA8j9lv4l1qi4bA32JLSGkWPmUwuUepyFWqj3khZeC0Ou8O5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.4.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gm-in-f132.1e100.net

Software

fife /

Resource Hash

af7c7964fb69b6f345b3ce111db678a4bac30275babe796874d63d9e246862f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.q2saloon.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 18:42:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1623
date: Fri, 27 Sep 2024 18:42:25 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="EmbeddedImage.png"

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.q2saloon.com/_/view/ 16 B
117 B 86ms
82ms XHR
application/json 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.q2saloon.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.Dq47oLfHlQA.O/am=UDAAAQ/d=1/rs=AGEqA5mQwterW4VkTDa6EN5oEegPcINyow/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://www.q2saloon.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: same-site
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Sep 2024 18:42:27 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
39ms Preflight
text/plain 2607:f8b0:4023:1402::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::64 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.q2saloon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 27 Sep 2024 18:42:27 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.q2saloon.com/	1970-01-20 23:52:28	Name: _gid Value: GA1.2.140442287.1727462545
.q2saloon.com/	1970-01-20 23:51:02	Name: _gat_gtag_UA_163844415_1 Value: 1
.q2saloon.com/	1970-01-21 09:27:02	Name: _ga_2DC1Q2S2EE Value: GS1.1.1727462544.1.0.1727462544.0.0.0
.q2saloon.com/	1970-01-21 09:27:02	Name: _ga Value: GA1.1.2001047504.1727462545
.google.com/	1970-01-21 04:14:33	Name: NID Value: 517=jv7WjybluObyLjlRNM0RUg5fRtQ6Knm865FT_NBwtiCwelT6eNGzRhRQi6UWzzp2PQ15Jc7b4gkVUuVZXfV4ZEcliF5DHyuWtnzlqh1IEHnoMtquEn8hdvIWr4IkaHGMQ7wLs93VIGAW1WSMsKPAGJv5_m63c9CVPWpsGZhffJFjaxVfxQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.q2saloon.com/ Message: Access to fetch at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.q2saloon.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.q2saloon.com/ Message: Access to fetch at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.q2saloon.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-8Q8MmbH9KOYywr1iJjLjRg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
maps-api-ssl.google.com
play.google.com
q2saloon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.q2saloon.com
play.google.com
142.250.112.100
142.250.123.94
142.251.166.94
142.251.178.138
142.251.182.105
142.251.4.132
2001:4860:4802:32::15
2001:4860:4802:36::15
2607:f8b0:4006:80c::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2001
2607:f8b0:4023:1401::8a
2607:f8b0:4023:1402::64
2607:f8b0:4023:1413::61
2607:f8b0:4023:1415::65
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e01dec1e8240206d6cde850ccd7dade2f1ccb96671224b777f760609314f6bc
1c1d3fb3813a0e891fb210d229c4daebe13b13693143de0d8cec8a96e004a046
1d47a66ccdfc86a81a213a021dfebb52b8b1e45da9c8a8e006b0dc903713b7dd
3538ef98711c002bc0210f0d0b89588ea60d0dc7578d69b8c58732181b14ccf8
391f01bd4c7990a2f8ea8584d5f4cd4a2aa39ce1526cac75d40441ad4be7bc1a
4e657e7845ee63baba1df5033abfac2f9dda65a96043b79f3d317ea6f70d4951
510b4c83be4f15e9a66da3c33c162439cbf4ea0a5917e8964eb7284e5c4eefd2
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
665a0bf4931a31fc5cb8bc7f4c3065bb67abe783df35766e6362ad0e7dcbe544
66ae2bc836accaabba3833aa9d93320272267b9ada3176648801c6df851e83f5
6948c76d1d9e33f5271054185662954d04f9a9f72a4e98bc80cd18d70e23ae3f
6b668e4896ab0ae90fdb32f2cc5bf58a44911c55218ca0683d2702cb434db8db
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7070d0f3db6a6259c5e3ac151035cf8345b369fa57b356692f0c0620fe256782
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
809634cfd04a9d008223feb5121e5cba328d6bcf2a60d8c4d539a7bcec2de350
8185c469ff58e0f69bee571190b8abca3f2fac9713cc8add0f3045e6792252da
821657b864df6f0bed77be396ccd49fb0f886e98098f97d7670691a250ab45dd
864cd3e9f4460a965d5fb5d21defe20ce9ac1763b29851503b394122534ff0d8
88a64d7ef6762f3ddc32b7b330e114dc95069b31d1f50ff2a08aaaab5531a1cc
88d6e6fe6e1f92395d3054dcfda11b879685cef77c34a055c452fe70add4fbb3
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d16f55c9b9393e369cd1835d9ed1b7e5fc6fad2e9e33249ab8b32b3375d9e99
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
94a2cb6470f078f96154652460b3ff33d4dc970e9bc0ae50993067e4e63ee4e3
99a233c7920379b7b7db775234b47dbaebf48d3331e9e51377bc58a4f82974d4
a1912dbc785b3f198d55ebd6bd3deb156c5b3e6e074746b996be2123168d15b7
a230a4fe353ecebd422ddc4244d9ceff98017093a24ac12b9b65a955f18044d8
af7c7964fb69b6f345b3ce111db678a4bac30275babe796874d63d9e246862f9
b482b6b9f62481b272c44d0a71662f876af8bf3fbd401e0f544a81031826e8e9
ba89c1ceef4e2d4b9a039b8cbdb32952518f91f3770d66f0aca46ea10e538a7a
c5d62d366ad17c88e5c2b3b10e951ac26ca0279c7ce0b70a82f79e515e0bd85b
d4750239578c9a04f0589b8ec8a445ec2f289f39e8540c919161808bbea6f260
da0dfe0bdaa69b85c4dc5d5e20a27194dbcca8d289912354408b9628f5cbc2a2
dcfb9b7032baee60f4d822d6647c4e986d573ea2f3ddf073691f3158112d7aaa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e643fad6c7da22675e44a57b206c5d7cc0e2528cefae6cb8858d128dcd98a5d8
ffa8213137e3cfca3c5e1bd07c37fdb63852674f3f9e1362b18b56af7c73119d

www.q2saloon.com Open in urlscan Pro 2001:4860:4802:32::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

63 %IPv6

7 Domains

16 Subdomains

15 IPs

1 Countries

5693 kBTransfer

9070 kBSize

5 Cookies

5 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.q2saloon.com Open in urlscan Pro
2001:4860:4802:32::15 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

63 %
IPv6

7
Domains

16
Subdomains

15
IPs

1
Countries

5693 kB
Transfer

9070 kB
Size

5
Cookies

49 HTTP transactions
0 data transactions