greasyfork.org Open in urlscan Pro
2600:3c01:1::607e:631c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://update.greasyfork.org/
Effective URL:
https://greasyfork.org/en
Submission: On November 05 via api (November 5th 2023, 3:08:24 am UTC) from US — Scanned from US

Summary HTTP 74 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 74 HTTP transactions. The main IP is 2600:3c01:1::607e:631c, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is greasyfork.org. The Cisco Umbrella rank of the primary domain is 125065.
TLS certificate: Issued by R3 on October 5th 2023. Valid for: 3 months.

This is the only time greasyfork.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:250... 2600:9000:2508:fa00:19:7e87:8900:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:3c01:1::... 2600:3c01:1::607e:631c	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:805::2001	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:402... 2607:f8b0:4020:806::200e	15169 (GOOGLE) (GOOGLE)
3	34.149.135.28 34.149.135.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:20:... 2606:4700:20::681a:3be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
1	2607:f8b0:402... 2607:f8b0:4020:805::2004	15169 (GOOGLE) (GOOGLE)
74	15

1 2600:9000:2508:fa00:19:7e87:8900:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

update.greasyfork.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:3c01:1::607e:631c (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

greasyfork.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.135.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.135.149.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:3be (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	67 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	338 KB
8	greasyfork.org 1 redirects update.greasyfork.org greasyfork.org — Cisco Umbrella Rank: 125065	72 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	141 KB
6	gstatic.com fonts.gstatic.com	70 KB
4	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 10872	638 KB
3	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 19277	931 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	8proof.com 8proof.com — Cisco Umbrella Rank: 34071 cdn.8proof.com Failed	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	119 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	307 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	606 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	88 KB
74	13

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	greasyfork.org pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com greasyfork.org googleads.g.doubleclick.net
7	greasyfork.org	greasyfork.org
6	fonts.gstatic.com	fonts.googleapis.com
4	cdn.rtbrain.app	googleads.g.doubleclick.net
3	g.bidbrain.app	greasyfork.org googleads.g.doubleclick.net
3	fonts.googleapis.com	greasyfork.org googleads.g.doubleclick.net
2	8proof.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	greasyfork.org
1	update.greasyfork.org	1 redirects
0	cdn.8proof.com Failed	8proof.com
74	17

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
tampermonkey.net
apps.apple.com
microsoftedge.microsoft.com
addons.opera.com
violentmonkey.github.io
extension.maxthon.com
play.google.com
www.tampermonkey.net
www.xbext.com
gear4.app

Subject Issuer	Validity	Valid
greasyfork.org R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.bidbrain.app R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://greasyfork.org/en
Frame ID: 5F1486F4719BBD228560152E663245A2
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: CEDFB02F24F329BBA86C35B7C61ECA53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&adk=1812271804&adf=3025194257&lmt=1699153699&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fgreasyfork.org%2Fen&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699741&bpp=6&bdt=364&idt=182&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8302641663357&frm=20&pv=2&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: 9F93A6705E05EB14E6A5E4A739CB477F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227
Frame ID: 0DC6313F8ED6BC1146B7F408778AE8A0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8F79FA05163E0251AA845F0CEAF83A27
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: A2B09F04F2B68ACC8675807A8D86EC45
Requests: 3 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=665301673886&ctd=10034&crid=1511&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCes3lJAdHZcGABOe_6toPvIeI6Az6j4XmbaCDqMWtDcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIyNDc0NjU2MjQ2Mzc0MDjIAQmoAwHIAwKqBMcBT9CO5so3cmkTFWDnW8d3dvBQpPAgTh1naAkR-KAX2wrjJXxuUAtxvpNLXjdX4C5UYIkxedYpj_bxYe0mxwr1E8_pR-mks0tPVjVYa0vGyF1KoGV0yFvPGQuZptubBf-WjYTlLh2-7PTJx_1Uwhqi2TNG7doSAQ96PUDJjmkxYqoRl0jQ9hkz9PQhgfqwc2MjUR8ucOvP42SqcHuFfRJtECqL-Mrj9krCNoQ20j_ZQ0Jod8ibA6rOv7Cw7wNGkWONfXp6f-31fYAGrZSun7qv781QoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1J7CSH-lPP5V5NOLmZMOifYwM4Bw%26client%3Dca-pub-2247465624637408%26adurl%3D&ap=ZUcHJAABAEEFWp_nAAIDvPZZgm1KzB6uNEosQw
Frame ID: B7229AEA5803070E04E40200EBB39348
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Frame ID: 099235EFC160FDD4D09EFA94FFCF621C
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CCE3C2A5571ABD5379ED00B02041935
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3368A9E80ABD74BC0F1E2A5C6BFF22D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Greasy Fork - safe and useful user scripts

Page URL History Show full URLs

https://update.greasyfork.org/ HTTP 302
https://greasyfork.org/en Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

74
Requests

97 %
HTTPS

87 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

1541 kB
Transfer

3111 kB
Size

10
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/violent-monkey/jinjaccalgkegednnccohejagnlnfdag
Title: Violentmonkey

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/firefox/addon/greasemonkey/
Title: Greasemonkey

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/firefox/addon/tampermonkey/
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/firefox/addon/violentmonkey/
Title: Violentmonkey

Search URL Search Domain Scan URL

URL: http://tampermonkey.net/?browser=safari
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/userscripts/id1463298887
Title: Userscripts

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/tampermonkey/iikmkjmpaadaobahmlepeloendndfphd
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/violentmonkey/eeagobfjdenkkddmbclomhiblgggliao
Title: Violentmonkey

Search URL Search Domain Scan URL

URL: https://addons.opera.com/extensions/details/tampermonkey-beta/
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://violentmonkey.github.io/get-it/
Title: Violentmonkey

Search URL Search Domain Scan URL

URL: http://extension.maxthon.com/detail/index.php?view_id=1680
Title: Violentmonkey

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=net.tampermonkey.dolphin
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://www.tampermonkey.net/?browser=ucweb&ext=dhdg
Title: Tampermonkey

Search URL Search Domain Scan URL

URL: https://www.xbext.com/
Title: XBrowser

Search URL Search Domain Scan URL

URL: https://gear4.app/
Title: Gear

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://update.greasyfork.org/ HTTP 302
https://greasyfork.org/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
greasyfork.org/
Redirect Chain

https://update.greasyfork.org/
https://greasyfork.org/en

17 KB
6 KB

480ms
102ms

Document
text/html

2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

27712b1cedb727a08486359d646da1fdfc09df1e38e9de62e718e223cba18184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 05 Nov 2023 03:08:19 GMT
etag: W/"27712b1cedb727a08486359d646da1fd"
link: </vite/assets/application-ddb94cc0.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,</vite/assets/application-d8017c49.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
x-backend-server: archer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d9f5c123-b0c3-411c-82cc-39fa1c888c26
x-runtime: 0.023454
x-xss-protection: 0

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 05 Nov 2023 03:08:18 GMT
location: https://greasyfork.org/en
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 5988b4ae4648c0fec3c60a3cca580092.cloudfront.net (CloudFront)
x-amz-cf-id: RcWAS1LNNweuju8DrCCUlc_KYlgsuAgdVt6fV9eGIMnt1nGQgKrKjA==
x-amz-cf-pop: IAD12-P1
x-backend-server: archer
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 180bd5a3-4bb7-4002-834a-f9fe2b5699c5
x-runtime: 0.004810
x-xss-protection: 0

GET
H2 200 application-ddb94cc0.js Show response
greasyfork.org/vite/assets/ 67 KB
19 KB 146ms
145ms Script
application/javascript 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://greasyfork.org/vite/assets/application-ddb94cc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8a5a98f33364dda62516531b3e4bacbc7cb5b6db6ce8be27e7dafa8ff44146d9

Request headers

Referer
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: gzip
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 19490
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 application-d8017c49.css
greasyfork.org/vite/assets/ 39 KB
12 KB 74ms
73ms Stylesheet
text/css 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://greasyfork.org/vite/assets/application-d8017c49.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d8017c49961e4352ccc035f37685f12f23101b138c611e29367f772d3f71621d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: gzip
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-length: 11996
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 89ms
47ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7NMRNRYW7C

Requested by

Host: greasyfork.org
URL: https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9477f942d25a18685f634972374bd676064acb799349d785d62f07a2fccf0e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 03:08:19 GMT

GET
H2 200 blacklogo96-e0c2c761.png
greasyfork.org/vite/assets/ 5 KB
5 KB 140ms
139ms Image
image/png 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greasyfork.org/vite/assets/blacklogo96-e0c2c761.png
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e0c2c76180916332b7516ad47e1e206b42d131d36ff4afe98da3b1ba61fd5d6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4738
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 tampermonkey-manage-cd230945.webp
greasyfork.org/vite/assets/ 15 KB
15 KB 147ms
146ms Image
image/webp 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greasyfork.org/vite/assets/tampermonkey-manage-cd230945.webp
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cd230945f96e6421aa20de634463d91e453b8835df5139c93bd0aa99273fcced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14946
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 install-button-example-f4c914f5.webp
greasyfork.org/vite/assets/ 12 KB
12 KB 148ms
148ms Image
image/webp 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greasyfork.org/vite/assets/install-button-example-f4c914f5.webp
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f4c914f5dfefb48716e0ea402c3794372b501b7db6c73be8d76a1d298a33db5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12276
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 112ms
70ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2247465624637408

Requested by

Host: greasyfork.org
URL: https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e21b1845523d22705c79b43c384d836a53b312e57589936dacf57cbe068f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52180
x-xss-protection: 0
server: cafe
etag: 2929555534020629142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:08:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 86ms
45ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: greasyfork.org
URL: https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 01:39:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 03:08:19 GMT

GET
H2 200 index-a1c08d20.js Show response
greasyfork.org/vite/assets/ 4 KB
2 KB 77ms
76ms Script
application/javascript 2600:3c01:1::607e:631c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://greasyfork.org/vite/assets/index-a1c08d20.js
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/vite/assets/application-ddb94cc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:3c01:1::607e:631c Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 179dfc8f363b9183338bd9e912bf66426f17a188967dc14cc19575843a9dcea0

Request headers

Referer: https://greasyfork.org/vite/assets/application-ddb94cc0.js
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: gzip
last-modified: Sat, 04 Nov 2023 20:35:04 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 1877
expires: Mon, 04 Nov 2024 03:08:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
749 B 38ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: greasyfork.org
URL: https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 01:59:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 03:08:19 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 89ms
34ms Ping
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7NMRNRYW7C&gtm=45je3b11v875464679&_p=1699153699476&gcd=11l1l1l1l1&cid=1332973204.1699153700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699153699&sct=1&seg=0&dl=https%3A%2F%2Fgreasyfork.org%2Fen&dt=Greasy%20Fork%20-%20safe%20and%20useful%20user%20scripts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ad_method=ga&tfd=1283
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7NMRNRYW7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 03:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greasyfork.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 64ms
12ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:19:33 GMT
x-content-type-options: nosniff
age: 226126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 12:19:33 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 11 KB
11 KB 64ms
15ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 16:56:10 GMT
x-content-type-options: nosniff
age: 209529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11084
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 16:56:10 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 15 KB
15 KB 77ms
29ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 11:27:19 GMT
x-content-type-options: nosniff
age: 56460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:03:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 11:27:19 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 9 KB
9 KB 79ms
31ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258c82612dc0e5a8dc1e7042a2e7eb7dbe544b04afc591f2b7b37c96cecb3f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 11:42:32 GMT
x-content-type-options: nosniff
age: 55547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9388
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 11:42:32 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 8 KB
8 KB 75ms
27ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f8c0fd411b13aea0ecb3307bd55361aeef6dcc26c844900b07344f4efe88c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 10:10:09 GMT
x-content-type-options: nosniff
age: 61090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7724
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:02:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 10:10:09 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 8 KB
9 KB 72ms
24ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984b36638622206bececefd75641ed6c9a8bcf92f8197edbb0731b5f47d5c91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greasyfork.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 278604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8692
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:14:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 21:44:55 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 105ms
78ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2247465624637408

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1adb781d60fa518056045b89cb87b1a8d3b6915a67a942589a225c4b80e1899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138204
x-xss-protection: 0
server: cafe
etag: 5134747708845433426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:08:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame CEDF 10 KB
5 KB 263ms
14ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2247465624637408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 00:34:23 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 00:34:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 132ms
38ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=greasyfork.org&callback=_gfp_s_&client=ca-pub-2247465624637408

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38a89fd0a62bc0b5f941b540b9d6653932b8c05d16c9cface886a24d0d06573c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F93 276 KB
72 KB 596ms
575ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&adk=1812271804&adf=3025194257&lmt=1699153699&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fgreasyfork.org%2Fen&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699741&bpp=6&bdt=364&idt=182&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8302641663357&frm=20&pv=2&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb88b538fe8bfe86632b62a0249b30e549ca0654f51dc7979e8f17f64bd8e7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 03:08:20 GMT
expires: Sun, 05 Nov 2023 03:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DC6 160 KB
55 KB 491ms
472ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceddf0c3e6f19daa7d27ec3ba3d8c5c00815002ded8fbc942f1281c0452be0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 03:08:20 GMT
expires: Sun, 05 Nov 2023 03:08:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0DC6 3 KB
1 KB 253ms
14ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0DC6 20 KB
9 KB 251ms
12ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DC6 189 KB
60 KB 59ms
42ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:08:20 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 160 KB
55 KB 90ms
89ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99a3748930458e8876ae522524f30daabb38509a1262b6528a1b2d98dafa39e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55816
x-xss-protection: 0
server: cafe
etag: 1744712325711935612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:08:20 GMT

GET
H2 200 ca-pub-2247465624637408 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 136ms
71ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2247465624637408?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b68c64deb88e7ea79696f20da0b6dd77c969e196f67f5a790ecfa5d1bc8e36a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KvVT3eQTjT1ik0LNyH4oBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KvVT3eQTjT1ik0LNyH4oBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 34ms
33ms Ping
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7NMRNRYW7C&gtm=45je3b11v875464679&_p=1699153699476&gcd=11l1l1l1l1&cid=1332973204.1699153700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699153699&sct=1&seg=0&dl=https%3A%2F%2Fgreasyfork.org%2Fen&dt=Greasy%20Fork%20-%20safe%20and%20useful%20user%20scripts&en=scroll&ep.ad_method=ga&epn.percent_scrolled=90&_et=21&tfd=2486
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7NMRNRYW7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 03:08:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greasyfork.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0DC6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24995ba5ae4a38d0559e6bf5b17be7b3f5bdce3f5aaf293310d1b5ab725dbf6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DC6 0
364 B 54ms
52ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQNc2JAdHZeD_A6jOrr4PxcmKGIu_iK5m8brp9f8OwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMjI0NzQ2NTYyNDYzNzQwOMgBCagDAcgDAqoEygFP0EPi124UmWJgaFkap8PkKzcb2_KUNwc5nnvp-6kvK1exXqttvkVj9gcmXzGUfjjiFle0hBHLWY1FTFGCyPe385TjnhT4voL3h99FlXKQ27vDiMCF9KSAnKOCGYcyvZ5Yq88BkaQnME2kg1pMH4zDd8BcFpORaqV6xXT6rRJuTPjsj2k9DSMzChOUFuh4ZQvdx53K1uNJqzaSuF9AtMp71nDNeR_hpYMc66s_4jbVrCPCBAir7YO1E2W7RJ4KQLK_OM_SAG48N9mzgAaK1fStwtjT3imgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyNDc0NjU2MjQ2Mzc0MDgYAA&sigh=kJKb1G4qLLw&uach_m=[UACH]&cid=CAQSTwDICaaNs30F-QqOW83udOmyJFN28_IL0rvgvjxa1gkNxjnBLp5WHr-jd7ejEKp7qSAklFYzTmR6Kgj89sVoPD9QXmausxSL49ddNYIgBNQYAQ&cbvp=2&vis=1

Requested by

Host: greasyfork.org
URL: https://greasyfork.org/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Nov 2023 03:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Nov 2023 03:08:20 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 0DC6 0
757 B 266ms
47ms Image
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=92ac0403-7b88-11ee-bbf2-92ac56723c65&d=greasyfork.org&cr=ext_ng_dow_fires6&a=imp&p=ZUcHJAAA_-ABy6coAAKkxUMz29ZBEqRF16aopg&im=h_J5xbYtau1r7QMq0ojeaKFamWo97WPJj9UM6nqgWxzMNeVJ2rEV2dh-T5UV36PQBezTt5KIecnOi9c3o7TS2DTDMPV386uqDc_vx6wZ7LmzKcUt_OWX7Hwt3eqw6eH6U8DNIBxYuyDbtLE7Bt5epzdMVAXl5Kj0055cavCKDlWUphXTE2i5Srwli5pcxMGTGwDJGpld8vtJhwgwx4V5HPXVr8_iVwdxuiFYkhuZEyGTR7EzABY1P5L8cy5PzicCukq-ScCTaERgfkYbxixU41eveTOxJmE8y25XwS5PNKZpEZIEzSL440uGUVqmbiYQ&cbvp=2
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 03:08:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 8F79 10 KB
4 KB 16ms
12ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 08:07:58 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 08:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame A2B0 10 KB
4 KB 17ms
14ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 08:07:58 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 08:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVBb-2lTpo_f9dRSOKi2kmRbW6-ePlbfOldVIuYyAN8eGLp6_4IkLbwZNRTskR4_qvmlOZFyERS0jlIoU1RcivrkZHxgSrmJysZzxmmkdhndljOdZOyxbfRCkUMOEwnmNUsC6phOg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 84ms
83ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVBb-2lTpo_f9dRSOKi2kmRbW6-ePlbfOldVIuYyAN8eGLp6_4IkLbwZNRTskR4_qvmlOZFyERS0jlIoU1RcivrkZHxgSrmJysZzxmmkdhndljOdZOyxbfRCkUMOEwnmNUsC6phOg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTUzNzAxLDgwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2dyZWFzeWZvcmsub3JnL2VuIixudWxsLFtbOCwiRzhmdXl5SGdtWUEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMxdjsJfJUrPhqwbGp-ENnli9-NvqA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53ed75cc04e342def3889b53aa93ebc93999c2980c0f2256760350314e607ea1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ORGjp0QZGIPIBiYwHye-vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-ORGjp0QZGIPIBiYwHye-vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 0DC6 159 KB
160 KB 44ms
17ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
x-guploader-uploadid: ABPtcPohtJzaXrAJWddgjzXNCNNpCpJEexVvst6LxsAhHRke4ITTl5XR13YQBcHYAHuLtlHZuPabtwLxTmTEKfAnPeAaQvJQ7pVG
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyQPL5lxzHn0F1jmRcAYmMZfKhyUNYZUk4Uogs33x0u0FCASkPZ%2Bs7du1HDbOYTLGz23l4fuPrxupxUrvX0GXya4im5%2BhbZpiVQCZ2Un43xNYcxTZHy0JPPfmQaM9MsHPTVz60e4wVe6T6PVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 8211e4481d52238a-EWR
expires: Sun, 05 Nov 2023 03:28:36 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 0DC6 159 KB
160 KB 38ms
12ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3458
x-guploader-uploadid: ABPtcPql1td8NzV8TOaNnGTj2C6gONVxo_9wLNTUyELW0prsPlEjDD8FCjBGs14QOFHBUWWRuzdOqmKYXqYfG85zVBTiO8_wJZHv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWQJLquktX%2F3kE6I%2BcBfmx73WTtIpk4YZsVofX%2B9RyCSDRZCVGU3oXy86MbMPBPHAS3lIffTk6UpwDpIL6QtJL44pSHGImolo5wtbTurWQgcWNfkUxQwcMkgHtQxVbbN9dTG6dLAs2fpPy97bA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 8211e4481d50238a-EWR
expires: Sun, 05 Nov 2023 02:41:11 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 8F79 4 KB
671 B 35ms
34ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 03:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 01:35:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 03:08:21 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 8F79 16 KB
7 KB 17ms
13ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 23:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
server: cafe
etag: 11986448221276412250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 23:01:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 8F79 21 KB
9 KB 17ms
15ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:31:12 GMT

GET
H2 200 5111 Show response
8proof.com/app/rtbmarkup/ Frame B722 8 KB
3 KB 280ms
49ms Document
text/html 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://8proof.com/app/rtbmarkup/5111?id=665301673886&ctd=10034&crid=1511&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCes3lJAdHZcGABOe_6toPvIeI6Az6j4XmbaCDqMWtDcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIyNDc0NjU2MjQ2Mzc0MDjIAQmoAwHIAwKqBMcBT9CO5so3cmkTFWDnW8d3dvBQpPAgTh1naAkR-KAX2wrjJXxuUAtxvpNLXjdX4C5UYIkxedYpj_bxYe0mxwr1E8_pR-mks0tPVjVYa0vGyF1KoGV0yFvPGQuZptubBf-WjYTlLh2-7PTJx_1Uwhqi2TNG7doSAQ96PUDJjmkxYqoRl0jQ9hkz9PQhgfqwc2MjUR8ucOvP42SqcHuFfRJtECqL-Mrj9krCNoQ20j_ZQ0Jod8ibA6rOv7Cw7wNGkWONfXp6f-31fYAGrZSun7qv781QoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1J7CSH-lPP5V5NOLmZMOifYwM4Bw%26client%3Dca-pub-2247465624637408%26adurl%3D&ap=ZUcHJAABAEEFWp_nAAIDvPZZgm1KzB6uNEosQw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 2f8f2c613b11a754d79e4f3d98f95fb7fb87c4de0cb106d8a321cc2ed3130baa

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 05 Nov 2023 03:08:21 GMT
server: nginx
vary: Accept-Encoding

POST
H2 204 rtimp
g.bidbrain.app/ Frame 0DC6 0
154 B 112ms
103ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2247465624637408&output=html&h=200&slotname=2593917175&adk=3476448685&adf=2859247084&pi=t.ma~as.2593917175&w=1166&fwrn=4&lmt=1699153699&rafmt=11&format=1166x200&url=https%3A%2F%2Fgreasyfork.org%2Fen&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699153699747&bpp=2&bdt=371&idt=217&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8302641663357&frm=20&pv=1&ga_vid=1332973204.1699153700&ga_sid=1699153700&ga_hid=202093552&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079307%2C44807047%2C44807337%2C44807455%2C31078301&oid=2&pvsid=999037939146818&tmod=1193644689&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=S8ktsd2fxe&p=https%3A//greasyfork.org&dtd=227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 03:08:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A2B0 0
19 B 51ms
49ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCLBPJAdHZcGABOe_6toPvIeI6Az6j4XmbaCDqMWtDcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIyNDc0NjU2MjQ2Mzc0MDjIAQmoAwHIAwKqBMQBT9CO5so3cmkTFWDnW8d3dvBQpPAgTh1naAkR-KAX2wrjJXxuUAtxvpNLXjdX4C5UYIkxedYpj_bxYe0mxwr1E8_pR-mks0tPVjVYa0vGyF1KoGV0yFvPGQuZptubBf-WjYTlLh2-7PTJx_1Uwhqi2TNG7doSAQ96PUDJjmkxYqoRl0jQ9hkz9PQhgfqwc2MjUR8ucOvP42SqcHuFfRIvEgsZB01Uo_d1K3_FwPwCMmJiocG1Gx8oVKJzPqRvvXtw39UvwoAGrZSun7qv781QoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjQ3NDY1NjI0NjM3NDA4GAA&sigh=dUoc0LVDiuU&uach_m=[UACH]&cid=CAQSTwDICaaNsFWsEpaRAc5p5NVIWZAfSlFICLk8Y8V2CJX28T-GXpDGDcLS3mWN0HPsqPdraviWJs5qva3FIn1hlVBZPAksooDnDLnSGmMZGuQYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Nov 2023 03:08:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 win
8proof.com/app/ Frame A2B0 0
44 B 256ms
47ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=665301673886&ap=ZUcHJAABAEEFWp_nAAIDvPZZgm1KzB6uNEosQw&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0992 3 KB
1 KB 17ms
14ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0992 20 KB
8 KB 13ms
11ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0992 189 KB
59 KB 48ms
47ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:08:21 GMT

GET montserrat-v25-latin-800.woff2
cdn.8proof.com/assets/fonts/ Frame B722 0
0

GET montserrat-v25-latin-600.woff2
cdn.8proof.com/assets/fonts/ Frame B722 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
70ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

467ed1153cbd300f788a5062e39775761981f282e0295cf6af076686b37c62e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12400
x-xss-protection: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 0992 159 KB
160 KB 25ms
25ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
x-guploader-uploadid: ABPtcPohtJzaXrAJWddgjzXNCNNpCpJEexVvst6LxsAhHRke4ITTl5XR13YQBcHYAHuLtlHZuPabtwLxTmTEKfAnPeAaQvJQ7pVG
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9fcGi7mV3IvpfNoI0xcvw6yU0rhzDSzpKMeawLdcWDYtJDV32UI8i7GKvQsLI4DPArHrnLi2%2Fk0XqPKm3eG%2Fmqq4YUW1ugel18dIyLmb52q6rjYtVtgzmo%2FbwhLjl49taiLOb18sx9ciTQuGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 8211e44b0f7e238a-EWR
expires: Sun, 05 Nov 2023 03:28:36 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 0992 159 KB
159 KB 10ms
9ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3458
x-guploader-uploadid: ABPtcPql1td8NzV8TOaNnGTj2C6gONVxo_9wLNTUyELW0prsPlEjDD8FCjBGs14QOFHBUWWRuzdOqmKYXqYfG85zVBTiO8_wJZHv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95ze5Ajjes7bjZCNcfQx2wJv49HqtgLriKerLAP4hacxFQcvDF%2BCfU0uYWlSnGVFpJSAniY7G1MNU%2FuYGmzQgn91OZW0z1hIer3sswC4qzwjff8JNFvPTe%2F0yyl9hO5Pcg0SPqHTbnJl2cy80A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 8211e44b0f7f238a-EWR
expires: Sun, 05 Nov 2023 02:41:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 03:08:21 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 0992 0
20 B 59ms
58ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: greasyfork.org
URL: https://greasyfork.org/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 03:08:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CCE 13 KB
5 KB 14ms
12ms Document
text/html 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 310407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 12:54:54 GMT
expires: Thu, 31 Oct 2024 12:54:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D336 829 B
1 KB 92ms
42ms Document
text/html 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ae90dbe9e1b580f073bcc33794cf55d88e9000d257fd2d0e0ec45d473afaa5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QKGfpDeIGz2hPR3R9BngDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greasyfork.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QKGfpDeIGz2hPR3R9BngDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 03:08:21 GMT
expires: Sun, 05 Nov 2023 03:08:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CCE 38 KB
15 KB 17ms
16ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 286667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:30:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D336 0
0 41ms
40ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=999037939146818&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2CCE 0
10 B 12ms
11ms Image
text/plain 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?klY59w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 48ms
48ms Image
image/gif 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.367619638352949

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-LdIUJK4pA11IMkRZZ6JmKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-LdIUJK4pA11IMkRZZ6JmKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 47ms
46ms Image
image/gif 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.077717183130977

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-El5P5yGyv9N8tlqx50Jkwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-El5P5yGyv9N8tlqx50Jkwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
45ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TAcH2LNbJVxtciHevtFlbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TAcH2LNbJVxtciHevtFlbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://greasyfork.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=999037939146818&bg=!_v2l_bLNAAb4oU7C2KE7ADQBe5WfONPaBq4ZB5TJ0QTpciOQNP4xjWDgEbHBezaSfrpfcrcKYFNf_V3k3xU_Nqs5_ZjAAgAAAIBSAAAACWgBB5kDBhm35lXEdz6WP8HV4KCagEePsdV8ZBp25042laJusUvlEVgPtQIZ35Q6iKdzMBvWynUPDG2WWINqN__cmZFbFvqrjWswaFq2U1xEQVC6TE78_CS-9Ko7_b4u-6ppeJV_1L21jZlf8moysG3Rz9sK4X0RhvOrzgGan38L-ZBpaV1DjsaL153V2s-c0gY0JOAGwguCfnomee661qVQVZ-ZfNbxe3uAJ2ROe_HKAKUXRCltylKxrCJzQ3d_Za6pOwWHEbvJcPUUeQYhMXHfnrpbhQ9ejE8kDhtcDJUqw0tbA4pNs-ad2O__w0unCPN9YNKHkJQHc-rYW8dswufUXfWSQsMRH_9YZ0TsveIpDqlOJH5mMxz8NGEhQ1DgS5JaHB47THjWq08QrDsq-9cyLnjAOe4C18tbFlL-6x7Dnu-zdOB3DHbMHHQfTtoNx0WFEq32-_toAO3LF2e_P-BXnr07K3xDyDV3XFLHOSqeCoZ28zRbsuBmUQG_9X--bCbsQmccLonPS2jAnhifb35Kw43o2H8eJiqu9ly0e9PtFh9ralGyYas0Q-4xaK6U6VWpSWVtjmDy5MY_ihbAf8iNQK8G_zsGcT1uS9VZuBPlYLKIVBoWoEyx2J1M87Bc5THQD74yxRbaRS15k2Ac2dBRf4plD-Uh-6hy31kkQ7ffOXYf6XIR_fLeRBEu0ElbAwvHajWw42LWnG6qCWIn2tgAo2xzQ88CTnW0jst-_Btj-S95YywG8JfrcH6lrbikbEZqh_yDXtiCZeGXCNzaNmvWBCK5IVeG8fa3-gksPVbcInUPzH1lox9AqMVNSgmLe2j8LifsyGOVXtrNghGB-iz-BkGP1fMbSQNtlsvS8-q05M83Gc-mE3HWUxT7jyYCHu4I8OKpCFPsotcV3eUz3gzaHD6icMlkXO75uA0oCTnRDm4V4gLHhvuH8tsY_3WDmTGAQEXQsiMH6Mlsph8lHsBkpAeQzA2Sgt4GlYpcYBPaeVaPwnLMfS5YMbBmq3Uo9XD8hScXUoBDjejS9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 ads- Show response
fundingchoicesmessages.google.com/f/AGSKWxXef9TmxJ-hjdvtfm3xbRKCX-H3Sa0eXHVnPvOEqrTY4XgXmXVL-UK8oc8ONqw0Uk3iJXtKqQwp7hbei68v71KJWweyLSH1JgCaQulpGyLNV4eltpWtQbhyGd6EY9_JYnRzHasi7Lra66HkBQegIljAJkF41... 54 B
108 B 60ms
56ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXef9TmxJ-hjdvtfm3xbRKCX-H3Sa0eXHVnPvOEqrTY4XgXmXVL-UK8oc8ONqw0Uk3iJXtKqQwp7hbei68v71KJWweyLSH1JgCaQulpGyLNV4eltpWtQbhyGd6EY9_JYnRzHasi7Lra66HkBQegIljAJkF41gKNzyx0CoNuCGYHrjZVA1FLZV9PE5EX/_/banners/ad11./jsplayerads-/peelbackscript/ad_/footerads./compiled/ads-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyj8VxkfOJT-VDw7ABPfm06TShcPw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2084ec984142a2ade55fd7776445ab683b4cbf698cf1f81baa419ff6b50c33a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OB9SRrsi01dfO1QdFIjQhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OB9SRrsi01dfO1QdFIjQhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 21ms
17ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 02:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24425
x-xss-protection: 0
server: cafe
etag: 2680689839065237785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:30:06 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
53ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SNJ4AroXDxflDLmlAvDxzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-SNJ4AroXDxflDLmlAvDxzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://greasyfork.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sez07W-0fuNpC14cUQePDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sez07W-0fuNpC14cUQePDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://greasyfork.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
47ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OxtT5X8KKm1c9it-IFfjtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OxtT5X8KKm1c9it-IFfjtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://greasyfork.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0_qHd_GlnGZtoy6UTcRfQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-0_qHd_GlnGZtoy6UTcRfQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://greasyfork.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXVgSRh_DjVjzNZxO9SRwDwX11SUv3fEysplhwMM50t3OvUMZ6BZxvJsUTN8I3kvM18c05wI2k1RCoiiWmDEJ3NBu56WiJ3tkI_a0vkDVHk8Rx2EPDN_ux7u_a1Ad_hcb00vdJf-w== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 60ms
59ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXVgSRh_DjVjzNZxO9SRwDwX11SUv3fEysplhwMM50t3OvUMZ6BZxvJsUTN8I3kvM18c05wI2k1RCoiiWmDEJ3NBu56WiJ3tkI_a0vkDVHk8Rx2EPDN_ux7u_a1Ad_hcb00vdJf-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTUzNzAyLDk2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ3JlYXN5Zm9yay5vcmcvZW4iLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f787658e6647b328ab19bfaf9b31e6639d543e309937a66f218f2b2594cc59c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yumv2bfyWgHkY41wm5BR0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-yumv2bfyWgHkY41wm5BR0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6bpAiDhLaeGrzZP-Dtdiqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-6bpAiDhLaeGrzZP-Dtdiqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://greasyfork.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVZD8Sm3DVwOLoB-wQGhhM0bSCN26cFc42t_u0S0jt7oQf6N4xmnqwbwHqsls9XaOmxHtV0CrPhJmBkWAbjly5lRD3UEwElD6tHEx8tq_1XDO_PWyhA6egmAU5TmUy85fK1hkyi5A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 74ms
73ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVZD8Sm3DVwOLoB-wQGhhM0bSCN26cFc42t_u0S0jt7oQf6N4xmnqwbwHqsls9XaOmxHtV0CrPhJmBkWAbjly5lRD3UEwElD6tHEx8tq_1XDO_PWyhA6egmAU5TmUy85fK1hkyi5A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTUzNzAzLDM5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ncmVhc3lmb3JrLm9yZy9lbiIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58091fdb827897a28a65bf6cb5cde1449b7266291c39c4867f9477edea3d1d92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jRh-iuo-OzZlHSCCxmXXqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-jRh-iuo-OzZlHSCCxmXXqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVmwR7S8o4j1H5xq28wCUkTmci0HJv20RwAubExuMa-E1-kQOxwdNCXb4Ml1Fb790qz2PtykRwkzwKPyMbBI58r7jGGCuL5i01gZcWWqNNUe_uRiUDIZOfBGgqL9m3PB579XzsASg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
65ms Script
application/javascript 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVmwR7S8o4j1H5xq28wCUkTmci0HJv20RwAubExuMa-E1-kQOxwdNCXb4Ml1Fb790qz2PtykRwkzwKPyMbBI58r7jGGCuL5i01gZcWWqNNUe_uRiUDIZOfBGgqL9m3PB579XzsASg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTUzNzAzLDEyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ncmVhc3lmb3JrLm9yZy9lbiIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

078d933621dea59d87f0c4e4c84f625251584f30ad448f290def40ddd9da7674

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PF1H1JdW0uIIwIhgbe6iYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greasyfork.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-PF1H1JdW0uIIwIhgbe6iYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxURnaXkFMXuZwxN4JampRzNFFgU7-seWas7Rp0MFizdAZKzMrOlP9XCjnPTGmuBDdX24L93NQMV50kNjCJwYsmpglvyCpFc3BrU2htMVSmKnXZwujlfFBUtE5JahR7yYcVbmj0eOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxURnaXkFMXuZwxN4JampRzNFFgU7-seWas7Rp0MFizdAZKzMrOlP9XCjnPTGmuBDdX24L93NQMV50kNjCJwYsmpglvyCpFc3BrU2htMVSmKnXZwujlfFBUtE5JahR7yYcVbmj0eOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Zi3k_aGgYHqDvXncNL6hlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Zi3k_aGgYHqDvXncNL6hlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://greasyfork.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 64ms
64ms XHR
text/html 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWS0S-EQnW1CN3vXAM8KiLJk1MCBv3jVm4DcKhs9nxZZNxzPilgnu5NDQ01JQbyV3h3Ld-CHSjwz2ZPfChc0nlgIusJLJK9EYOvAyxPDEmsVvCt8ZtzUxOOIyAPtm_j4JpbQtNKBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9qngnve_kR4IAQoXzW97jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greasyfork.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 03:08:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9qngnve_kR4IAQoXzW97jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://greasyfork.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2

Domain: cdn.8proof.com
URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
greasyfork.org/	1969-12-31 23:59:59	Name: locale_messaged Value: true
greasyfork.org/	1969-12-31 23:59:59	Name: _greasyfork_session Value: 1qZ8Q7lXg3yt2y2k%2FPKRjYgqx5oICdkDf10SKjW0UETfZw9Ww%2BGSn78SzP1HSILo1qpgC0bgxYO6mBA9aFHy05AxgaZJlrP%2F4lLKs26te%2BRLc73mVLE0nMM5UaIfxjf%2FppH4Ga77gBcvQNusc08utvvtdhvSu2z0xG4mq0PmfQxlJvckPgMuAWSEGbYovjIiWktH2j1RUVOJdIm9kYLJXznOMoH%2FwvNJnEXjh8glDjLq6rp%2FVx%2FCCJ5AMaB9NNL3e8YNqRgWmpkPh5y9bX4M3%2FQOXYU2e%2FuqdupV--FWDuBghRNPAbnVNC--g5iObyDcLfYX5JllJbhl1g%3D%3D
.greasyfork.org/	1970-01-21 01:35:13	Name: _ga Value: GA1.1.1332973204.1699153700
.greasyfork.org/	1970-01-21 01:20:49	Name: __gads Value: ID=914c41f11056a389:T=1699153700:RT=1699153700:S=ALNI_MbQs6R_Hpw283fvEUhT2LZty2BhTA
.greasyfork.org/	1970-01-21 01:20:49	Name: __gpi Value: UID=00000d9fa33842ba:T=1699153700:RT=1699153700:S=ALNI_MbUt5eQI7AkvBKn4YGxNSOsRGVS1w
.doubleclick.net/	1970-01-21 01:35:13	Name: IDE Value: AHWqTUlxgcT00SWhM9fnKg9ml1RJiL8nVPZxDDSvbtQmHcvnwO9mNWlNT94UlVYWyNY
.bidbrain.app/	1970-01-21 01:35:13	Name: uid_cross Value: 9343da46-7b88-11ee-8453-1ab2e27d0485
.greasyfork.org/	1970-01-21 01:35:13	Name: _ga_7NMRNRYW7C Value: GS1.1.1699153699.1.0.1699153701.0.0.0
.bidbrain.app/	1970-01-20 15:59:20	Name: sid_cross Value: 92ae422a-7b88-11ee-a5c6-e20829c71183
.greasyfork.org/	1970-01-21 00:44:49	Name: FCNEC Value: %5B%5B%22AKsRol87F4dVcCUBWDTeOZGKhGfhBKMRFoRdnrtjEByuVMpYhIOfbCw3EFklRy90GWajDea5Z_7PGIaRnTK7J5Ql8pmFPzPkWK0Y2ykOl4w0ZXgUiHoS6miG1pHm9JBwi_zQwTpQmw_lQGsIMgdC5pjgdMpXww2r5Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=665301673886&ctd=10034&crid=1511&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCes3lJAdHZcGABOe_6toPvIeI6Az6j4XmbaCDqMWtDcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIyNDc0NjU2MjQ2Mzc0MDjIAQmoAwHIAwKqBMcBT9CO5so3cmkTFWDnW8d3dvBQpPAgTh1naAkR-KAX2wrjJXxuUAtxvpNLXjdX4C5UYIkxedYpj_bxYe0mxwr1E8_pR-mks0tPVjVYa0vGyF1KoGV0yFvPGQuZptubBf-WjYTlLh2-7PTJx_1Uwhqi2TNG7doSAQ96PUDJjmkxYqoRl0jQ9hkz9PQhgfqwc2MjUR8ucOvP42SqcHuFfRJtECqL-Mrj9krCNoQ20j_ZQ0Jod8ibA6rOv7Cw7wNGkWONfXp6f-31fYAGrZSun7qv781QoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1J7CSH-lPP5V5NOLmZMOifYwM4Bw%26client%3Dca-pub-2247465624637408%26adurl%3D&ap=ZUcHJAABAEEFWp_nAAIDvPZZgm1KzB6uNEosQw Message: Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8proof.com/app/rtbmarkup/5111?id=665301673886&ctd=10034&crid=1511&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCes3lJAdHZcGABOe_6toPvIeI6Az6j4XmbaCDqMWtDcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTIyNDc0NjU2MjQ2Mzc0MDjIAQmoAwHIAwKqBMcBT9CO5so3cmkTFWDnW8d3dvBQpPAgTh1naAkR-KAX2wrjJXxuUAtxvpNLXjdX4C5UYIkxedYpj_bxYe0mxwr1E8_pR-mks0tPVjVYa0vGyF1KoGV0yFvPGQuZptubBf-WjYTlLh2-7PTJx_1Uwhqi2TNG7doSAQ96PUDJjmkxYqoRl0jQ9hkz9PQhgfqwc2MjUR8ucOvP42SqcHuFfRJtECqL-Mrj9krCNoQ20j_ZQ0Jod8ibA6rOv7Cw7wNGkWONfXp6f-31fYAGrZSun7qv781QoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1J7CSH-lPP5V5NOLmZMOifYwM4Bw%26client%3Dca-pub-2247465624637408%26adurl%3D&ap=ZUcHJAABAEEFWp_nAAIDvPZZgm1KzB6uNEosQw Message: Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
cdn.8proof.com
cdn.rtbrain.app
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.bidbrain.app
googleads.g.doubleclick.net
greasyfork.org
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
update.greasyfork.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cdn.8proof.com
2600:3c01:1::607e:631c
2600:9000:2508:fa00:19:7e87:8900:93a1
2606:4700:20::681a:3be
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2004
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::200e
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2607:f8b0:4020:807::200e
34.149.135.28
52.116.53.150
078d933621dea59d87f0c4e4c84f625251584f30ad448f290def40ddd9da7674
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
179dfc8f363b9183338bd9e912bf66426f17a188967dc14cc19575843a9dcea0
18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f
24995ba5ae4a38d0559e6bf5b17be7b3f5bdce3f5aaf293310d1b5ab725dbf6b
258c82612dc0e5a8dc1e7042a2e7eb7dbe544b04afc591f2b7b37c96cecb3f99
27712b1cedb727a08486359d646da1fdfc09df1e38e9de62e718e223cba18184
2b68c64deb88e7ea79696f20da0b6dd77c969e196f67f5a790ecfa5d1bc8e36a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f8f2c613b11a754d79e4f3d98f95fb7fb87c4de0cb106d8a321cc2ed3130baa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36e21b1845523d22705c79b43c384d836a53b312e57589936dacf57cbe068f61
38a89fd0a62bc0b5f941b540b9d6653932b8c05d16c9cface886a24d0d06573c
3ae90dbe9e1b580f073bcc33794cf55d88e9000d257fd2d0e0ec45d473afaa5e
439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
467ed1153cbd300f788a5062e39775761981f282e0295cf6af076686b37c62e3
53ed75cc04e342def3889b53aa93ebc93999c2980c0f2256760350314e607ea1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58091fdb827897a28a65bf6cb5cde1449b7266291c39c4867f9477edea3d1d92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
8a5a98f33364dda62516531b3e4bacbc7cb5b6db6ce8be27e7dafa8ff44146d9
8f8c0fd411b13aea0ecb3307bd55361aeef6dcc26c844900b07344f4efe88c56
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
9477f942d25a18685f634972374bd676064acb799349d785d62f07a2fccf0e76
984b36638622206bececefd75641ed6c9a8bcf92f8197edbb0731b5f47d5c91a
99a3748930458e8876ae522524f30daabb38509a1262b6528a1b2d98dafa39e8
a2084ec984142a2ade55fd7776445ab683b4cbf698cf1f81baa419ff6b50c33a
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
c1adb781d60fa518056045b89cb87b1a8d3b6915a67a942589a225c4b80e1899
cb88b538fe8bfe86632b62a0249b30e549ca0654f51dc7979e8f17f64bd8e7a7
cd230945f96e6421aa20de634463d91e453b8835df5139c93bd0aa99273fcced
ceddf0c3e6f19daa7d27ec3ba3d8c5c00815002ded8fbc942f1281c0452be0b4
d8017c49961e4352ccc035f37685f12f23101b138c611e29367f772d3f71621d
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
e0c2c76180916332b7516ad47e1e206b42d131d36ff4afe98da3b1ba61fd5d6c
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f4c914f5dfefb48716e0ea402c3794372b501b7db6c73be8d76a1d298a33db5f
f787658e6647b328ab19bfaf9b31e6639d543e309937a66f218f2b2594cc59c3
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

greasyfork.org Open in urlscan Pro 2600:3c01:1::607e:631c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

87 %IPv6

13 Domains

17 Subdomains

15 IPs

2 Countries

1541 kBTransfer

3111 kBSize

10 Cookies

16 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

greasyfork.org Open in urlscan Pro
2600:3c01:1::607e:631c Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

87 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

1541 kB
Transfer

3111 kB
Size

10
Cookies

74 HTTP transactions
1 data transactions