defaultpassword.us Open in urlscan Pro
198.252.98.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://defaultpassword.us/
Submission: On November 24 via automatic, source certstream-suspicious (November 24th 2023, 9:17:59 pm UTC) — Scanned from US

Summary HTTP 139 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 12 domains to perform 139 HTTP transactions. The main IP is 198.252.98.72, located in United States and belongs to HAWKHOST, CA. The main domain is defaultpassword.us.
TLS certificate: Issued by R3 on November 24th 2023. Valid for: 3 months.

This is the only time defaultpassword.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	198.252.98.72 198.252.98.72	20068 (HAWKHOST) (HAWKHOST)
17	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2 12	2607:f8b0:400... 2607:f8b0:400d:c0c::9b	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:400d:c0e::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::95	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4001:c0e::78	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:25::8	15169 (GOOGLE) (GOOGLE)
1	74.125.192.155 74.125.192.155	15169 (GOOGLE) (GOOGLE)
4	173.194.175.154 173.194.175.154	15169 (GOOGLE) (GOOGLE)
139	15

61 198.252.98.72 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.98.72-static.reverse.arandomserver.com

defaultpassword.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c0c::9b (Morganton, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:400d:c0e::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c04::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::95 (Morganton, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2004 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c0e::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:25::8 (United States)

ASN15169 (GOOGLE, US)

rr3---sn-q4fzenee.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f155.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.194.175.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	defaultpassword.us defaultpassword.us	91 KB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	523 KB
13	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	138 KB
9	gstatic.com www.gstatic.com csi.gstatic.com	95 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	255 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	googlevideo.com rr3---sn-q4fzenee.googlevideo.com — Cisco Umbrella Rank: 21384	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1820	9 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	131 KB
0	statcounter.com Failed www.statcounter.com Failed
139	12

	Domain	Requested by
61	defaultpassword.us	defaultpassword.us
25	tpc.googlesyndication.com	pagead2.googlesyndication.com defaultpassword.us googleads.g.doubleclick.net tpc.googlesyndication.com
17	pagead2.googlesyndication.com	defaultpassword.us pagead2.googlesyndication.com tpc.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.googletagservices.com
12	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	defaultpassword.us googleads.g.doubleclick.net
4	www.googleadservices.com
4	www.googletagservices.com	defaultpassword.us googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	csi.gstatic.com	www.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net defaultpassword.us
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	rr3---sn-q4fzenee.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
0	www.statcounter.com Failed	defaultpassword.us
139	15

This site contains links to these domains. Also see Links.

Domain
www.wapopia.us
www.joomla.org
validator.w3.org
jigsaw.w3.org

Subject Issuer	Validity	Valid
*.defaultpassword.us R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://defaultpassword.us/
Frame ID: 997402034999046801B1AFBF2F33FF7F
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: E536E8C0DC8B70E907CD7DC4D4B80E13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2776142838085519&output=html&adk=2719059975&adf=303910241&lmt=1700860674&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fdefaultpassword.us%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700860675332&bpp=4&bdt=581&idt=297&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6245747086570&frm=20&pv=2&ga_vid=362489284.1700860676&ga_sid=1700860676&ga_hid=176703643&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809055&oid=2&pvsid=606113465611453&tmod=193097263&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=315
Frame ID: 66655131032DCE06E8D08BF3AE55E593
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: D326D8719BA43B51EF8C854C48AE0955
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: C2E792801767E13829992537A2F8FA72
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 2461B13E73113BC4703ED314595B1352
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: DAC8575C208B32F5F9ACB7C7A793365B
Requests: 11 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 92B7D433CAEF4D127DCAD28D8DD5B2A5
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 076335F3358FC0C209E043D07DD8BED6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A74B53A1B65B2F2E576D58F0D48876F4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBAC68D7226C4407DE5DC298ECF9563A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03FF93AB997EF31B4496CF1F4626C101
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 907B730222BE03CFAE47B638B268EF61
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 202AED94CB973E060B54EFB36C897F91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 0F27335137E9943FA8F95D4ED9DA3796
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 53939FAAC7D8182471F6F4CD7709806A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Default Password

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

139
Requests

97 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

15
IPs

1
Countries

2290 kB
Transfer

4485 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wapopia.us/
Title: Wapopia Blog

Search URL Search Domain Scan URL

URL: http://www.joomla.org/
Title: Joomla!

Search URL Search Domain Scan URL

URL: http://validator.w3.org/check/referer
Title: XHTML

Search URL Search Domain Scan URL

URL: http://jigsaw.w3.org/css-validator/check/referer
Title: CSS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://googleads.g.doubleclick.net/pagead/adview?ai=ChE7AAxNhZdXeLLuduvQP0siisA7f6smzdJaRv97-EbCQHxABII3GmQJgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3AFP0KR1YT0KsVIkjrVBG5omJaW6NcRQFYRrTSqML90-oprnAWOly7sWjeb3DxkcpVs_OJPTUt9VDQvngixp7B1KIiTNDi4-1sVQFLnpXGqslswArofR8ni4GgKN-5YYvppWCRa_qvYSavASVrJKur-s3_6xijC5kqBDE1GzpQTNTIjaNgO06ITDKvvfDDtKDliWf9LTSzqZIBIi1SfqH-_WEZURlL6PjCNj2W__9uDhqDFkrY2gk4qPXOKefNBqRqZEG707oaN9Ji3ehB_AsquapPJmNXYB16zHojdBwATh9_fhgQSIBZeb65FDkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ_YcM0ggUCIBhEAEYHzICigI6AoBASL39wTqaCURodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2J0bj1zdGFydCZjYW1wYWlnbj0xODAyMjU4MzcwM4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEOCi2sqmm4T7FhICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMjc3NjE0MjgzODA4NTUxORgA&sigh=2qtSTI3Ixj0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNfHNCu8-yFj-cpoCAVhs48s-APh_NsuE542LdrAR8L5bz8exySHnXS4-bcMWuOsTGL68VfDblARIGCqDcQwoRq-u1b38Fl6YIFycYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d1690b90fbed5f0000000000000000%22,%224%22:%220x9af668c4ef82fe8b0000000000000000%22,%225%22:%220xde153f6741a0eb8f0000000000000000%22},%22debug_key%22:%2211751576629159222125%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212428080154214654401%22}&andc=true

Request Chain 129

https://googleads.g.doubleclick.net/pagead/adview?ai=Copd5AxNhZdTeLLuduvQP0siisA7f6smzdJaRv97-EbCQHxABII3GmQJgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3AFP0BMW6Dbj3uFq4ZCnR6ZJub3Mqp4TspKPjqjSPnmJvP8CRDv8Z6XMcMOoPh09rWvTINqJDbuBuic7UYndfqgGcTbCxa1rQN2ImcHpXLSkUWx5041ER4bTF4YRjz8MhQa2LAy427BGHSsTdLNAzaL_QoiLlncl7cHmC0wa1-G00qNF3IinlrFwrsTTzTsavTwM-tQkCe7iuBNqmNLfNUUJP2MX6oOH5iDPMHvdShE-8Sq2DSM23wXlNYIEc8mhCWMcNd22cIvJ9N5GPi_-lJtY4-5jDEn4vq5NDLF1wATh9_fhgQSIBZeb65FDkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ47gP0ggUCIBhEAEYHzICigI6AoBASL39wTqaCURodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2J0bj1zdGFydCZjYW1wYWlnbj0xODAyMjU4MzcwM4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEICalNSBiYXKORICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMjc3NjE0MjgzODA4NTUxORgA&sigh=FF5I64sF8m4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNfHNCu8-yFj-cpoCAVhs48s-APh_NsuE542LdrAR8L5bz8exySHnXS4-bcMWuOsTGL68VfDblARIGCqDcQwoRq-u1b38Fl6YIFycYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d1690b90fbed5f0000000000000000%22,%224%22:%220x9af668c4ef82fe8b0000000000000000%22,%225%22:%220xde153f6741a0eb8f0000000000000000%22},%22debug_key%22:%2213362681767919057161%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216153265850207638865%22}&andc=true

139 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
defaultpassword.us/ 14 KB
4 KB 457ms
172ms Document
text/html 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 6d80f07601070f83fad523324e0ae0966c5eca6a552eefc0e706c57d7f2b6dd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 Nov 2023 21:17:54 GMT
expires: Mon, 1 Jan 2001 00:00:00 GMT
last-modified: Fri, 24 Nov 2023 21:17:54 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

GET
H2 200 msg.css
defaultpassword.us/components/com_chronocomments/ 951 B
326 B 207ms
201ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/components/com_chronocomments/msg.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: de49b2da2af38957fe452847d9eba21a84cf11cf226a95e72be2f7dea0e49e7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 271
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 mootools.js Show response
defaultpassword.us/media/system/js/ 73 KB
19 KB 111ms
106ms Script
application/javascript 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/media/system/js/mootools.js
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 13:09:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19707
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 caption.js Show response
defaultpassword.us/media/system/js/ 2 KB
848 B 207ms
202ms Script
application/javascript 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/media/system/js/caption.js
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 13:09:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 792
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 msg.js Show response
defaultpassword.us/components/com_chronocomments/ 10 KB
2 KB 212ms
208ms Script
application/javascript 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/components/com_chronocomments/msg.js
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ce076c8cce964dad65f60dfd311eb04a18c2bbbf859163ec2d23c4c94a082def

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2214
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 scripts.js Show response
defaultpassword.us/components/com_chronocomments/ 18 KB
3 KB 208ms
204ms Script
application/javascript 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/components/com_chronocomments/scripts.js
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 72a479c0136b8698d7356d248e6f50ea12840bd812b3527c21dd9a55d4770ac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 style.css
defaultpassword.us/components/com_chronocomments/ 4 KB
1 KB 109ms
105ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/components/com_chronocomments/style.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: cb255f073f73e954171c15028915f286b4624b5cb99f40aa81068f2d5164c366

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2012 00:59:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 925
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 editor.js Show response
defaultpassword.us/components/com_chronocomments/ 8 KB
2 KB 214ms
210ms Script
application/javascript 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/components/com_chronocomments/editor.js
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a48b3a7c8ca6d99f92c0214a724741abb29f7d98b171d12ce2c5f8d020c674d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2483
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 system.css
defaultpassword.us/templates/system/css/ 1 KB
493 B 210ms
207ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/templates/system/css/system.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 12:53:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 437
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 general.css
defaultpassword.us/templates/system/css/ 3 KB
709 B 207ms
204ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/templates/system/css/general.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 12:53:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 653
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 template.css
defaultpassword.us/templates/rhuk_milkyway/css/ 13 KB
3 KB 205ms
203ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: cf70be681126b8ebccd038379b5fb626ce8386aa9015617548229bdac1efa6ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 12:53:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3121
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 blue.css
defaultpassword.us/templates/rhuk_milkyway/css/ 723 B
275 B 212ms
209ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 7b43fdfa91335b80a2198fb64b6c6a9e1e96761e786d32928763a4b7fcb94649

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 12:53:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 220
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 blue_bg.css
defaultpassword.us/templates/rhuk_milkyway/css/ 730 B
204 B 213ms
211ms Stylesheet
text/css 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3d8ffd05fa2121cd067c6be168eb716b032cc54fca39ac45bbc90b6b1209003f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
content-encoding: br
last-modified: Sat, 11 Jan 2014 12:53:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 172
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 250ms
115ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c37e9ec3b8c81da2e0826ce933819cb8e126585774b8da3df771c631252982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52842
x-xss-protection: 0
server: cafe
etag: 6859026407440131211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:55 GMT

GET
H2 200 printButton.png
defaultpassword.us/images/M_images/ 379 B
418 B 211ms
209ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/images/M_images/printButton.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 917803625359b1e186e59ac1f51a27534483196f1afe046244adc782154e301c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:54 GMT
last-modified: Mon, 02 Jan 2012 00:59:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 379
expires: Fri, 01 Dec 2023 21:17:54 GMT

GET
H3 200 rating-plus-on.png
defaultpassword.us/components/com_chronocomments/images/ 556 B
814 B 99ms
98ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rating-plus-on.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 9b5cb4899c757d8f3785742cd919ee4c8117bc6d96dc8b84bcf77b472a6d6105

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 556
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rating-plus.png
defaultpassword.us/components/com_chronocomments/images/ 578 B
598 B 100ms
98ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rating-plus.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: bc878d167abfe61265f68dc708521b32cc9fcc6a239a194e85c31db92e61f3c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 578
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rating-minus-on.png
defaultpassword.us/components/com_chronocomments/images/ 522 B
541 B 118ms
108ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rating-minus-on.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 86206484892026f976f8cc0a0a3bf5ee3620c102ada60f3f1ef75546f307955c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 522
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rating-minus.png
defaultpassword.us/components/com_chronocomments/images/ 529 B
549 B 117ms
107ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rating-minus.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 51eef9bb95fda685d270351bdbe9b28253eba85f297ed67cad2fc9e9290798d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 529
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rep-score-left.png
defaultpassword.us/components/com_chronocomments/images/ 228 B
247 B 130ms
120ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rep-score-left.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 2c5fb4011dcb582f784b36c56d9925e8d633fb67595dd7269f9fd718afa076a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 228
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rep-score-right.png
defaultpassword.us/components/com_chronocomments/images/ 246 B
266 B 120ms
110ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rep-score-right.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 47c0c410f8fd6c52c91dc608366a00197dd4d953b98f30e09b323c97865e7fdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 246
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 arrow.gif
defaultpassword.us/components/com_chronocomments/images/ 84 B
103 B 120ms
110ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/arrow.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 1a2dea11787a549e24840cd57ac04d6c6d046f7e41c4420e5e7c3eb4db65f78f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 84
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 button.gif
defaultpassword.us/components/com_chronocomments/images/ 1 KB
1 KB 117ms
108ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/button.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 452599f3f0e5a484417df3ad01ed8965beb4ac79fa18cd073feafae5f6b12310

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1359
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 arrow.png
defaultpassword.us/components/com_chronocomments/images/ 237 B
257 B 120ms
110ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/arrow.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 90a57f317fa4ca67e4d2a87f9b7d71fcc265393ae067a5610905b54d1b99dfdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 237
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 avatar1.png
defaultpassword.us/components/com_chronocomments/images/ 2 KB
2 KB 118ms
109ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/avatar1.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: db7baccef2c2c34e925214cfaa620203834e818fe0ea83d64936e66b69733a4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1554
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 button.png
defaultpassword.us/components/com_chronocomments/images/ 564 B
584 B 143ms
134ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/button.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3faf90a5194c60062644f1b9682131bcff3db398489bf5f13aca6bc93415998c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 564
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 comment-header-bg.png
defaultpassword.us/components/com_chronocomments/images/ 148 B
168 B 145ms
135ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/comment-header-bg.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b5ec79db77727b5704ed58480a13866f37dbf53b3d7aa50b03e3139ed8487f7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 148
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 rep-score-center.png
defaultpassword.us/components/com_chronocomments/images/ 130 B
149 B 125ms
115ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/rep-score-center.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ffa5fa7d068187d679bdbcd79e8ba3f11fe511e8e676e1df0a103311fc70536f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 130
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-bottom.png
defaultpassword.us/components/com_chronocomments/images/ 1 KB
1 KB 125ms
115ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-bottom.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 00eb4919d83af15b012ef0da0b1012dedaae55807423258a300c8d6e5d9a8ab2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1095
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-bottom.gif
defaultpassword.us/components/com_chronocomments/images/ 323 B
343 B 142ms
132ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-bottom.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a6635fe3019431e9d2f897202aa92754787b398cb5b7758259db1b942b633b73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 323
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-top.png
defaultpassword.us/components/com_chronocomments/images/ 693 B
713 B 145ms
135ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-top.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 93ede442328b91b5f5c6cb6f553e3bb9915593ef78889c369da022b63a596384

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 693
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-top.gif
defaultpassword.us/components/com_chronocomments/images/ 264 B
284 B 142ms
133ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-top.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 4d49f3103a8f901180cf23db9136767411423ebc36e6811b7225b7f1a0854cb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 264
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-body.png
defaultpassword.us/components/com_chronocomments/images/ 567 B
587 B 132ms
123ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-body.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3f00d471beda3236d7d87dbacccfdf3f031a8acd76f1c02afa87d6e4bdede6a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 567
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 bg-box-body.gif
defaultpassword.us/components/com_chronocomments/images/ 461 B
481 B 144ms
135ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/images/bg-box-body.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 12f21df526f90682ad5823e87b2ef8f0921bbf841b2d0fc93f685192fef5f6f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 461
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 loaderb.gif
defaultpassword.us/components/com_chronocomments/ 9 KB
9 KB 119ms
110ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/loaderb.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 229b555e9199ffa5209a18ed5f75d34128ba2f58921849f8eaad92be08ede149

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 01:00:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8787
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 loaderw.gif
defaultpassword.us/components/com_chronocomments/ 9 KB
9 KB 126ms
117ms Image
image/gif 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/components/com_chronocomments/loaderw.gif
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 35566dc53f4114c065d80c870d0a77fffc3105a61bc1f4624f1c531c517d357b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:59 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8787
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET counter.js
www.statcounter.com/counter/ 0
0

GET
H3 200 mw_shadow_l.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 224 B
266 B 145ms
136ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_shadow_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 49ba8be264e9ebcdcccefae3b4ef361684079288fda41c69cd111f38ad0787ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 224
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_shadow_r.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 221 B
240 B 146ms
137ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_shadow_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 1df1cb1d5b085b0030dfa4ca33051a63a6b4bbab28cf85d5831d813e8cb5e78f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 221
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_t.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 363 B
383 B 187ms
178ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_header_t.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a4f55778ab8037c1ff47ab028b9c967236bdbe36d56414ae409f2f4ed635f8f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 363
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_t_l.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 739 B
759 B 145ms
136ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_header_t_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 4f71942563d6e0caed1586db76b306effc3f52066d6a5382bddff062aab8da50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 739
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_t_r.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 856 B
876 B 146ms
136ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_header_t_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 0951a3f6f3674a4504f19f074058d304f08ec9f57545f6c37a61a3376614653e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 856
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_joomla_logo.png
defaultpassword.us/templates/rhuk_milkyway/images/ 13 KB
13 KB 131ms
121ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_joomla_logo.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 817b7a132bd64eb29841f7ddc981b1994e4c2a0fcd565248960ffc32421d2752

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13483
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_b.png
defaultpassword.us/templates/rhuk_milkyway/images/ 239 B
259 B 146ms
137ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_header_b.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3947678739f31430f6e1386abe5c6e83d1b65ab52e8e8961d81a3790b7da3fba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 239
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_l_b.png
defaultpassword.us/templates/rhuk_milkyway/images/ 236 B
256 B 191ms
181ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_header_l_b.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e4607257991062b9a277cce9a61abef0cc3534ff27ef7fccc21832e8b26d0950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 236
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_header_r_b.png
defaultpassword.us/templates/rhuk_milkyway/images/ 243 B
263 B 146ms
136ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_header_r_b.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e5dda32a36ae98a618f3d12fdbea8f0c57f68fb92035277e8993774899f511a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 243
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_menu_cap_l.png
defaultpassword.us/templates/rhuk_milkyway/images/ 384 B
404 B 208ms
198ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_menu_cap_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 7f169f96e617411c0dffebf360e76f1c50acbaa67a4e8b0507631dbc8ba3beb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 384
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_menu_normal_bg.png
defaultpassword.us/templates/rhuk_milkyway/images/ 273 B
293 B 189ms
179ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_menu_normal_bg.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3712c8e71d0b027d011350d084f0f358aafdcacb2feb2f2cd6045f9fd1b4744d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 273
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_menu_cap_r.png
defaultpassword.us/templates/rhuk_milkyway/images/ 709 B
729 B 213ms
202ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_menu_cap_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 95459e3e1eba1a0c20605b915a30e4099561b6dcd53a6b000b44b25813bcc8d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 709
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_t.png
defaultpassword.us/templates/rhuk_milkyway/images/ 203 B
222 B 190ms
180ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_t.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 819f1e28783021c0b565ed231c2d4440ba5293b8ca0f2a3e1715dc8ca5ef8997

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 203
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_t_l.png
defaultpassword.us/templates/rhuk_milkyway/images/ 329 B
349 B 185ms
175ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_t_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: c01b6d0ea3cb6a1358f90f5c9681bc50df2ba439d184e7df0f05ab11456ea436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 329
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_t_r.png
defaultpassword.us/templates/rhuk_milkyway/images/ 342 B
362 B 189ms
179ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_t_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 13926a8a0d63182ef30917a4a936394a72c20929454b79cbd6124ab52788d615

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 342
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_box_br.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 2 KB
2 KB 140ms
130ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_box_br.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ace69168adcb8d85c57e8dd6a06876e932bd1b320aec11c118aa5a56ccea09a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1666
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_box_bl.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 344 B
364 B 208ms
198ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_box_bl.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e22497decab5e516d54eb70c8bd3c0093fb99f77591c645bd121fb9d541f6556

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 344
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_box_tr.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 349 B
369 B 206ms
196ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_box_tr.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: c92b0e11f4c6167a7730a52ecb65c43602ea321a01ae37ca58deb4e6545bccff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 349
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_box_tl.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 310 B
329 B 207ms
197ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_box_tl.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e870455d244bf2db0924de127630d0f506b3138b2815d5f75a3940c2fe011943

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 310
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_line_grey.png
defaultpassword.us/templates/rhuk_milkyway/images/ 207 B
226 B 210ms
199ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_line_grey.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b0b286c743c911f58613d9bfa5fd7c816f370a2cb12e25393857939d5e3cf3e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 207
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_b.png
defaultpassword.us/templates/rhuk_milkyway/images/ 216 B
235 B 210ms
200ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_b.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a6a898db1d26ad25fe3678a4a75f826c82e9b528d52ba48130c750985d3679de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 216
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_b_l.png
defaultpassword.us/templates/rhuk_milkyway/images/ 320 B
339 B 210ms
200ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_b_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 2e0d05288cf363c5339457e87961bc809defc6bc6495218bf650829bb35a3d30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 320
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_content_b_r.png
defaultpassword.us/templates/rhuk_milkyway/images/ 326 B
346 B 211ms
201ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/mw_content_b_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 7a60808f268f358768b2eb29ab786106b638764e9891f81bed0ce856792e2c54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 326
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_footer_b.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 351 B
371 B 206ms
195ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_footer_b.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e9d95adb4021114724ca3401138f26a02a679633bd43c1f9ee9ea17ae65cd97b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 351
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_footer_b_l.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 614 B
634 B 207ms
197ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_footer_b_l.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5395c28d179bc90a53e0a96f55d227ee9576fd61d260799b953435cb443b21b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 614
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H3 200 mw_footer_b_r.png
defaultpassword.us/templates/rhuk_milkyway/images/blue/ 569 B
589 B 210ms
200ms Image
image/png 198.252.98.72
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defaultpassword.us/templates/rhuk_milkyway/images/blue/mw_footer_b_r.png
Requested by: Host: defaultpassword.us
URL: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.98.72 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.72-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 9b5bcbbfa6ee566931977b6b7fab31ac1afc749a6eec60297c5470c78a1fdd5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/templates/rhuk_milkyway/css/blue_bg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
last-modified: Mon, 02 Jan 2012 00:59:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 569
expires: Fri, 01 Dec 2023 21:17:55 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 171ms
171ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8789c89b59d311603e26e92c0d625f3de7875846ec3f17cab65fd15a3a6db27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138492
x-xss-protection: 0
server: cafe
etag: 12212986070598704322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:55 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E536 9 KB
4 KB 184ms
60ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 37151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 10:58:44 GMT
etag: 111328227650088477
expires: Fri, 08 Dec 2023 10:58:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6665 609 KB
116 KB 906ms
904ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2776142838085519&output=html&adk=2719059975&adf=303910241&lmt=1700860674&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fdefaultpassword.us%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700860675332&bpp=4&bdt=581&idt=297&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6245747086570&frm=20&pv=2&ga_vid=362489284.1700860676&ga_sid=1700860676&ga_hid=176703643&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809055&oid=2&pvsid=606113465611453&tmod=193097263&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=315

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef9fa47875e85a57565b49e6a0760db63463dc7e4d52d18399831a72d29cf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 118810
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:56 GMT
expires: Fri, 24 Nov 2023 21:17:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 224ms
95ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

927ac15accc3be7c2dd4c309e3fb08e1be531ed5a4cea1de5cab5bb4fbc6edf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12295
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 99ms
99ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d05b917076aeb2e4518e25eb75f8f08c16e4638c041ab3db862f6b38c296e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55789
x-xss-protection: 0
server: cafe
etag: 10939946058924832248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:56 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame D326 9 KB
4 KB 62ms
61ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:58:18 GMT
etag: 111328227650088477
expires: Thu, 07 Dec 2023 22:58:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C2E7 9 KB
4 KB 61ms
61ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:58:18 GMT
etag: 111328227650088477
expires: Thu, 07 Dec 2023 22:58:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 2461 9 KB
4 KB 62ms
60ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:58:18 GMT
etag: 111328227650088477
expires: Thu, 07 Dec 2023 22:58:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame DAC8 9 KB
4 KB 66ms
65ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:58:18 GMT
etag: 111328227650088477
expires: Thu, 07 Dec 2023 22:58:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 323ms
198ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D326 4 KB
744 B 188ms
64ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 19:45:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 92B7 9 KB
4 KB 337ms
198ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 21:49:45 GMT

GET
H2 200 550964233668833c70e8a0f193337640.js Show response
www.gstatic.com/mysidia/ Frame 92B7 172 KB
63 KB 212ms
73ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550964233668833c70e8a0f193337640.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3a239dc3b7e0a74e2557957294fac25f4cf7f6f9d15bc4af042c251dbc3d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64262
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 09:46:48 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 92B7 20 KB
9 KB 204ms
65ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 20:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 20:11:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 92B7 11 KB
2 KB 168ms
62ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400%2C500

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 20:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 92B7 2 KB
903 B 196ms
145ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:09:41 GMT

GET
H2 200 55c07926d0961c7899d23978ffa28542.js Show response
www.gstatic.com/mysidia/ Frame 92B7 6 KB
2 KB 336ms
200ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 02:38:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 92B7 23 KB
9 KB 183ms
133ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 18:25:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 92B7 3 KB
1 KB 180ms
130ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:27:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 92B7 20 KB
9 KB 108ms
59ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:38:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92B7 202 KB
64 KB 189ms
62ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 92B7 37 KB
15 KB 337ms
202ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 03:55:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D326 15 KB
7 KB 122ms
77ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:08:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D326 205 B
520 B 348ms
218ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 12:13:03 GMT
x-content-type-options: nosniff
age: 205494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Nov 2024 12:13:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D326 604 B
696 B 186ms
185ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:16:35 GMT
x-content-type-options: nosniff
age: 259282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Nov 2024 21:16:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D326 21 KB
9 KB 112ms
68ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 23:58:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C2E7 23 KB
9 KB 183ms
166ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 18:25:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0763 143 B
166 B 62ms
61ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 20:36:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2E7 3 KB
1 KB 162ms
148ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:27:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2E7 20 KB
8 KB 135ms
122ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:38:40 GMT

GET
H2 200 6382897673985105682
tpc.googlesyndication.com/simgad/ Frame C2E7 11 KB
11 KB 259ms
246ms Image
image/png 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6382897673985105682?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmGv4L-vAj0LYLbbUTYweCfrgm1YQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c08ab2e236a5cc8d47291e9a9942c90dfd24b121b842faf677d19b744c54cbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11023
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 21:17:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2E7 202 KB
64 KB 345ms
254ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2E7 36 KB
15 KB 162ms
150ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 16:09:46 GMT

GET
H2 200 6382897673985105682
tpc.googlesyndication.com/simgad/ Frame 2461 11 KB
11 KB 243ms
243ms Image
image/png 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6382897673985105682?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmGv4L-vAj0LYLbbUTYweCfrgm1YQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c08ab2e236a5cc8d47291e9a9942c90dfd24b121b842faf677d19b744c54cbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11023
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 21:17:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2461 23 KB
9 KB 178ms
177ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 18:25:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A74B 143 B
166 B 64ms
61ms Document
text/html 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 20:36:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2461 3 KB
1 KB 183ms
180ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:27:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2461 20 KB
8 KB 169ms
166ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:38:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2461 202 KB
64 KB 295ms
230ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2461 36 KB
15 KB 200ms
200ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 16:09:46 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DAC8 41 KB
14 KB 205ms
205ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: defaultpassword.us
URL: https://defaultpassword.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:26:34 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DAC8 36 KB
14 KB 170ms
170ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:57:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 7890425002344327526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 23:57:56 GMT

GET
H2 200 15756900888459028787
s0.2mdn.net/simgad/ Frame DAC8 130 KB
131 KB 190ms
65ms Image
image/gif 2607:f8b0:400d:c0b::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15756900888459028787

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::95 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8a0410d318ed395529cb3cb3f331cb615d2a74daa0bf070d0ca51b805d429f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133567
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:13:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 21:17:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DAC8 3 KB
1 KB 214ms
212ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:27:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DAC8 20 KB
8 KB 197ms
195ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:38:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAC8 202 KB
64 KB 225ms
176ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DAC8 23 KB
9 KB 214ms
213ms Script
text/javascript 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 18:25:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0763
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:57 GMT
expires: Fri, 24 Nov 2023 21:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A74B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:57 GMT
expires: Fri, 24 Nov 2023 21:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBAC 13 KB
5 KB 62ms
60ms Document
text/html 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 139156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 06:38:41 GMT
expires: Fri, 22 Nov 2024 06:38:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03FF 829 B
997 B 87ms
86ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17fdde6778e646fa50486d7a30f4e246a0f66e57ad3f4f12459d2ae2280e92c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HRpdejFRqvY3VdnsfPjDsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://defaultpassword.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HRpdejFRqvY3VdnsfPjDsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 21:17:57 GMT
expires: Fri, 24 Nov 2023 21:17:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame DAC8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75722b141f4aad645e2e8c2e27de71f31b000f8b5b2a0a573647b9f541c7ca6c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 907B 38 KB
13 KB 62ms
60ms Document
text/html 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 74760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 00:31:57 GMT
expires: Sat, 23 Nov 2024 00:31:57 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame CBAC 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 10:38:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 92B7 0
225 B 270ms
83ms Ping
image/gif 2607:f8b0:4001:c0e::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpd4j5zu&c=3246170025864&slotId=1623085012932&qqid=CJPsjuPH3YIDFbuOjggdUqQI5g&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/550964233668833c70e8a0f193337640.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/T2CkvYHLgbk/ Frame 92B7 8 KB
9 KB 209ms
64ms Image
image/jpeg 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/T2CkvYHLgbk/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

426407faf6f5d430bfb416e6cc2b8d4994db38686c0e98a919ba0b2d7f4c7537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: sffe
etag: "1698663285"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Nov 2023 23:17:57 GMT

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-q4fzenee.googlevideo.com/ Frame 92B7 1 MB
1 MB 235ms
67ms Media
video/mp4 2607:f8b0:4000:25::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-q4fzenee.googlevideo.com/videoplayback?expire=1700889476&ei=BBNhZbL5FKzAsfIP3tqMmAI&ip=2001:550:1d05:1::6&id=4f60a4bd81cb81b9&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=QK&mm=31&mn=sn-q4fzenee&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.394&lmt=1698663224875048&mt=1700860370&cpn=F-BOxzdqpCE1a-od&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIhAMzGHhc1uoHMuSAHkzUSTsZF5wdKWZgIvb3CIt8iGahVAiA2XWjt4NQs9vqhKgpBvub9npsnROBhxKduymT5d4towg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgGrbv3wsCmLqW4q9HrYr4r3qf2bwl3mfxM-jRNSxIPqsCIEZmyvIzg0-XD0Uzk4woa1ebCTw447ig6JbQ4_dStnr5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4000:25::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f905666d094994ce08119d631f65d93f6f1242050b5bd9289310fa538e195c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 24 Nov 2023 21:17:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Oct 2023 10:53:44 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1069941/1069942
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1069942
Expires: Fri, 24 Nov 2023 21:17:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B7 0
20 B 91ms
91ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGHJlY3RhbmdsZS1wb3J0cmFpdC12aWRlbwoKCAIqBnNlcnZlcgoNECshAAAAAACgZEAwBAoNEAMhAABoZmb2eEAwBAoNEA0hAAAAgJmZuT8wBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAwGZAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAACAGfVAMAQKDRASIQAAAAAAABxAMAQKDRATIQAAAAAAAABAMAQKDRAXIQAAzMzMHHxAMAQSGkNKUHNqdVBIM1lJREZidU9qZ2dkVXFRSTVnIh1ncGEvZHluYW1pY19maWdfd2ViX2Jhbm5lcl92Miga

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03FF 0
0 90ms
90ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=606113465611453&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 907B 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 10:38:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DAC8 0
810 B 242ms
111ms Image
image/gif 74.125.192.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstB9I2SfTUyvKaOwAJSIyPaO0Eokx_MuLv6hHlUno2v5IqOxhiS7kp--b1goe010lMjQcxHb92T4uj6qli0CsGD12Ggs2K4PqBSoXFCrocU6WnOVFoUhsBWjlT16_Lh4x__nh1GnVi-vWPq1YkcyXgTU8ijpGDAJ3tWJemjgouuOtvEwhCfthwDK-zLhPp52aQyCpelE9d7Npiv_yMX29B2ajIwD-mw5qvplimTJGfNmZOzGjwKqNjrk0OTNgC7HMTpl580NPZR2mxWGRN5fu-bT-xjqeEJ9FBAuVQebpsz-royu2pq24H84bGf1Q7s1FXXiNf4UdVXeGWtJ-ly0xwBbwEvNpFu7Fjt_JPF2A44sEmoYm13me_01bX_NfzPiHzJzDUk35C_LUAgPI8dPxYTNin82Nn_UFiFyNxGqIC_weUabJgokOjkn3xNKRLe2fI6A9KS7w6ItPzRpP_EA1afqYfI7AJ6udbpP5i52qh8P9WLvKvO7SoiA2rGBvKkWLolL86rKqmhBuoDfuUAwB4uucDHNznczmh9xFNyyDZYXLvzVvgFIPVYa_DjBxdfjj-c26Td06f6Rmh5sBQI-2aP7vPrtYR-OnI6TQs36YT8SEP8oHDVCWUI7WKL5gpxuh4iPSBaYhyeu3pIMeWdP7ELOh2XWua2osx3A-7wIz0eLJOEr8PB6REDpnnhSk5FRX8Fuwmhk-yN3rhmN_Sor9O1TRIWEZ6DYu-MPqAIOuDdixrBsFYZpHFQ5SnWHF998MzDVtpGm59gCH9gIUs-nb2jpEO3vdRxnffs62mH-hBK-zx91BfCPskZ81cVAZ6mOaXqjLfKP0ZXocOKXcwMi9O5bLbBvSuwI-49YVZtd2iAdhxaJGKWrhzBSlAELku8Bj2g62Pj8H4e3Lpr6pz1EWGTfNGyBWI6CkS0c1v3XVyb9CQG6TumVvA_T_tONsktEBWOrBflvL4hBkohHjjIL0OSd2kS3KrNDdzB8baACwXweU1Gp7DD0hEKaC1GOUNXcejTtvmCPhg_14vgTqDkrj07ItBJSNe3uUoHTtBl7_vobZfV9-IDPAC5il6saJ5KrfaGYDwVgMDWQiEP0Mq5VaPq3riErRSIyMiRpC0UEr65BRolxRhqwPFe4NToMrTBEdwqGsRSXHkYR4wIO-rPQgSSPz_NQpDkDXe-356nx9Uy-WPNcgcmO6dU0q8SHweKTKoIPvQllHatthtfGiIyIWeAuY0HQe2xTGT_eE5VzRtw2hKThWCbvbtF1YgULEgYUXYU8wMtVxNAPqYEI2WQhNiYL0WpGk2ngQwYiwgPY5_WRbul4sm-8tz0e5eqAxjDS4iGGW2hgU26hNp2--qRa3BzKN0fmIo_ri2JhxR9Ze6bG7PnwaMgDCjs0XWKLzouYc7j1SoHcvF80LYAV6KheZJwgA7rxkdPBT0NzAXqfISuJREN8UHV6fxstlyt2ckhBBB53LUnEvj_0HwgSNOpmmifvqWFOoDuuxZzvUqmnLGYMj87d0rs3LFL1cxO_FrfMSFXz1zjj6nZ69_0gNprkHkNB38YdTrirboH14S5YcnS8CM3bn9qU7_M7m5TTgBaYKKr-k8cjEbXCTVWThgGyLIQ&sai=AMfl-YQVBYul7mhfmkwkkM_wqoJdzJ-ZL4oFCi-595ZKk4yMt4G9pEqnN95mKBvR08QDGWrn4jkT8t1XZMtt8WA8pO-FFYjvKW3d2m4zoc9cdBZStHNOKlCmyOwI1NBZgkxCQfaDO_e0Hw0jYgTnfuH2zk2lhgxxt-mcpa8mP49g1iPOxvr3GrHRusIU5zrELcLfSVVRhMoUYEXaKsvrs4TKcJwm5Bwf7oTjOulXgGoUKblDgDf3_UC2OfcxuZuBSqPP4CcHn8C1QOVm1KszkQTFOrHFNjsxbcZGolnqntMZbKENmdmk3aPUaei2BYtWR-OGg0IiuHN5kMkiECTc2TGw7FwlloAE2oNrPyszLvwpAw-8lCPTUCgOO5Arx1pmpwCEZXzgo8P4sR8K4d4MWM7NxbiL3uNi_rC2ekaR7c3xJ0PpBYIUoXYcXB-IvCIMcGUklzqxPz3REsyvhykIjH-pC4aXG23RtpUHlvyAxmg8O9Nu4PYYoJQ7qicNPsvbog&sig=Cg0ArKJSzIybUkPgRZUuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&cbvp=2&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:17:57 GMT

GET
DATA 200
OK truncated
/ Frame 2461 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15a3848dc77640fd9584978b7ad7b068e2831c9e024f3cb734ac9c6807db154a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C2E7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dee1e2e59194985566cf7421308f9841c218cbc6bea785bcf2c30a266bede032

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 202A 38 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:28:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 05:28:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2461
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChE7AAxNhZdXeLLuduvQP0siisA7f6smzdJaRv97-EbCQHxABII3GmQJgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3AFP0KR1YT0KsVIkjrVBG5omJaW6NcRQFYRrTSqML90-oprnAWO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d169...

0
0

210ms
102ms

Fetch
text/css

173.194.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d1690b90fbed5f0000000000000000%22,%224%22:%220x9af668c4ef82fe8b0000000000000000%22,%225%22:%220xde153f6741a0eb8f0000000000000000%22},%22debug_key%22:%2211751576629159222125%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212428080154214654401%22}&andc=true

Protocol

Server

173.194.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xda282f56f3c36af80000000000000000","2":"0x4032bcee2254ba510000000000000000","3":"0x66d1690b90fbed5f0000000000000000","4":"0x9af668c4ef82fe8b0000000000000000","5":"0xde153f6741a0eb8f0000000000000000"},"debug_key":"11751576629159222125","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"12428080154214654401"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Nov 2023 21:17:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xda282f56f3c36af80000000000000000","2":"0x4032bcee2254ba510000000000000000","3":"0x66d1690b90fbed5f0000000000000000","4":"0x9af668c4ef82fe8b0000000000000000","5":"0xde153f6741a0eb8f0000000000000000"},"debug_key":"11751576629159222125","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"12428080154214654401"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F27 38 KB
15 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:28:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 05:28:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C2E7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Copd5AxNhZdTeLLuduvQP0siisA7f6smzdJaRv97-EbCQHxABII3GmQJgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3AFP0BMW6Dbj3uFq4ZCnR6ZJub3Mqp4TspKPjqjSPnmJvP8CRDv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d169...

0
0

211ms
103ms

Fetch
text/css

173.194.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d1690b90fbed5f0000000000000000%22,%224%22:%220x9af668c4ef82fe8b0000000000000000%22,%225%22:%220xde153f6741a0eb8f0000000000000000%22},%22debug_key%22:%2213362681767919057161%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216153265850207638865%22}&andc=true

Protocol

Server

173.194.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xda282f56f3c36af80000000000000000","2":"0x4032bcee2254ba510000000000000000","3":"0x66d1690b90fbed5f0000000000000000","4":"0x9af668c4ef82fe8b0000000000000000","5":"0xde153f6741a0eb8f0000000000000000"},"debug_key":"13362681767919057161","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"16153265850207638865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Nov 2023 21:17:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xda282f56f3c36af80000000000000000","2":"0x4032bcee2254ba510000000000000000","3":"0x66d1690b90fbed5f0000000000000000","4":"0x9af668c4ef82fe8b0000000000000000","5":"0xde153f6741a0eb8f0000000000000000"},"debug_key":"13362681767919057161","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"16153265850207638865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBAC 0
10 B 61ms
61ms Image
text/plain 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vcYX2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:17:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 230ms
102ms Preflight
text/html 173.194.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 24 Nov 2023 21:17:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 181ms
101ms Preflight
text/html 173.194.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda282f56f3c36af80000000000000000%22,%222%22:%220x4032bcee2254ba510000000000000000%22,%223%22:%220x66d1690b90fbed5f0000000000000000%22,%224%22:%220x9af668c4ef82fe8b0000000000000000%22,%225%22:%220xde153f6741a0eb8f0000000000000000%22},%22debug_key%22:%2213362681767919057161%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216153265850207638865%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 24 Nov 2023 21:17:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5393 38 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:28:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 05:28:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 907B 0
20 B 94ms
94ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Biv-vAxNhZdbeLLuduvQP0siisA4AAAAAOAHgBAI&bg=!Li2lLWLNAAZxrfrxUa07ADQBe5WfOBdywI2H14ep0kLs3oTruwAX8tiaBfPYd8L87xJjLRjrvbhvbLTO3SqptYZdnuRBAgAAAMZSAAAABGgBBwoAJ9vtZv4NVupAZp1Q8m2FklqRkQ6iAMdH08ERVGqqRjlgyV5Do2XuiZkC65eVk9bJlm9MFc14JOD-rxwcVi8emxz8w3WX6ozrN5y-TJJme9uOU74icZCRSNrkV-QTok1zlsYH-MZlFMJDQGc-roWPdaveKXiNWSbhpLqa1A9v7dICYMJq5pVJEoBbAhEYsWPT3XERi-DIuVlLz61nbH8BGy9IzO6hVSlYWUpBCxCWFHcj0Z1PTgQbo69c8yW-Ca3SBksoHRAekwFEA00qyx6pf2xIEwo7ll_lZWtKcAu4Yhd8TRiB1p6vX0RJka-pjlV57BW44DcWlxJZ_t89eLRbnZPgz6gSFs71DUXU13IFCNUg0Up2Pniz5FO67vodP_52Gh-YmZvMyztWuVqKdYKmWZtT-lKWGU_KmVBAUkCC9DywM4KhmMX9EbfEwOqfMM4gwJvXF1daTZ1_jATQL7plT2RAZCrWsc7KQJWFLuPLnu7PuMCTJ0Eoc4mnClCzVGemmNLKMG5XJ9bBRmVkzEGtvEmA_XZpgdWigwKpLxo-i0nU6_t9tj_FBlRS0lco7sr62qP0_mCo1BwEoU8zaerHLDThHkpaoMT-H5J8d5pRn_FuHwKZ3-UzitIRPa8o0AFlvI_yyTCOEo7HPcNWnlho9_UmJIJ-Qrerf2k7aIiIh_wQ1P7IPmyQu4LAMIzAHIh-LZGqL8GVUibvy116pQ-kWUc0ZLHWSEBS3bVkUjBByUjafdR4knyia5ztAAEQCoFhE30E9ma5idFvz47A-ITsk_ClTXKhBxO8C4FCBX9J7s4nzykJa9DEuq47sdrNyIwJubO_9lvgJwjBWRNaqbHyU7ITQCh-T6SU0aEu5avfkPhZ4GYaxuehVle6rAh2-OwkYHeyxqGtOzAK_A9Wzcal267SEnLfnmjYeKP-vGUCtz3S27Haiiteo3Ipml-fWYxOkkiSd6KW_2nOzr3lNi8L7h0CSq6BLAkSUc318DTld76gxBuSv0E5XGmXf6bSSFDuQcP6dcEEeASLEimouHhwu_Z1F80vwQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B7 0
20 B 91ms
90ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGHJlY3RhbmdsZS1wb3J0cmFpdC12aWRlbwoKCAIqBnNlcnZlcgoNEBQhAAAAANCT90AwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAA0MzMvi0AwBAoNEDIhAAAAAAAAAAAwBAoNEDMhAAAAAAAAAAAwBAoNEDQhAAAAAAAAAAAwBAoNEDUhAAAAAAAAAAAwBAoNEDYhAAAAAAAAAAAwBAoNEDchAAAAAAAAAAAwBAoNEDghAAAAAAAAAAAwBAoNEDkhAAAAAAAAAAAwBAoNEDohAAAA0MzM7D8wBAoNEDshAAAA0MzM7D8wBAoNEDwhAAAA0MzM7D8wBAoNED0hAAAA0MzM7D8wBAoNED4hAAAAAAAA8D8wBAoNED8hAAAAAAAA8D8wBAoNEEAhAAAAAAAA8D8wBBIaQ0pQc2p1UEgzWUlERmJ1T2pnZ2RVcVFJNWciHWdwYS9keW5hbWljX2ZpZ193ZWJfYmFubmVyX3YyKBo=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=606113465611453&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfOBYZ1dpkwKhwny0Tq-UkyKQui2noM7Xbv2ChFjbADW7FrL7f8NDmkk7tG58b19YOAgAAAMxSAAAAAmgBBwoAgb367LBQ_c0L1CxxJ6OWY5LMxEkfBvcclFxE7lJu3NlVFzesP9_NMVoSFw_zdRlbNK3FnK6FIvNUD-S6k2KB2rGU8HpEEhGo35KiM9YjzFMP-BDKZnE1XSfFOru0qVMhgOh_TuQyIRzJGMWw1h3WuFgjYwstckklk5axms5yVC5fKZkCy6JJU477t9bgn-w-cu7ToKCvITrh7EHq8ttbXGztW1a0zPhBmICI9gLJ-iDMjVLEP-am3QxIPzwbNeRFFr9AHucgzBzbHoA29Hz7HNQh06D9JT3MPUzDiXYg3NChskC3oGx-lDdXvYNxYBhtJxD8gVKhesQpK3v6LR2qHAklyHRidEnTOYby_xZM7oBEOekOhSdWhM82weQ9hNzc0STfWRR-MaTuHJk_jv3JJk3RCrgMelMBqW61Nyvyvy8jSfYHjOThQHakwatwjiey9o5VMi-q1Yw9MBfp7Uuva7rt8QQQ7nOeXTujawjtUm127ZkE2CnRJLRj2uJVa5S1bqhDjGP1PFk6ngxORRXv8xWQVgUvGJGj0YHaAipGG_4vmaA-QdtHycjE-7j0QsVaGcYb7DVK44nQ4Ex1Ez92wgb-1Xrh9gqH7Ggz9mpTNLo_Xq5qCGS0Ld2k5bCAsOvtU2oxw-9O7banljZ4lU6fJdXdzr115j1mADECtVW3A4vCR_xuKnPWzdQLZ5ol8JxdCUN_tlsVakuyA7PZV-DJo-2xYRsjpZMv1dlbgUmyPHuGYXeC_M6xtuciBFPVji1ym97VAPDEMjgjnb8pNVTlPu-TwLfaq9-C3_frskh7ElMRlHPx09j7lGiNV0f5NpYMM6RU2hDk8cSXLD8GnLTCHYQRdeOJ5ejwmyuFa-zfBK0837BTSCwWo4Vh1xpVvvaipfm10EMsiSyZunaaY_W5Fk_rX2GdHSpGQG_3p1scXt8hxVqV9kZTzktlDogmi7Xw5i6oYopeTF7Qvf68WVtoKCC_5VQuEOGHCv2CiM2Vz8mx-iWPfu0a3URnUKMfNPOSHpwHvCQFqn1BVxkw1nf24ryyvC0qhO9T6p4-WbCT-SXh3HzSSmocUMe4nVBghYIkZOftlrpPf4k5fUfOvU5jW8cSor7LCIXfO4Fu2EIYrY8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://defaultpassword.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAC8 42 B
64 B 95ms
94ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3aiG9sAN7-ZIS9jK1ESgV5r8cYYUWEuteroeCGwiik07cLp77HdWuK687jR1IithK5kusTQMN6nIVfL4MOFMEs1bGWp0wIQDSoKqEIh-IowXWAsUmpKs0fxP4qtGc4pqP7_NhsZ4p7R1CrFNBAO8f47upfkTEUb7tQG1im4IGxIoaVvtySetW01DKhiy3R2HIDA&sai=AMfl-YQ_m9cz9M7UCEpcL6B4Bgw-um39UpsopzfMTci0t2GwV2Nbm45d2KhAaIckpGQs5EepFmHZu2RgKoJ_Idlf-reDHYxjx92gtS8G_Hk5wpaaBYRN1178awLw0TpKPHM2ElERHVfm0uNWDDUs0BnAyg&sig=Cg0ArKJSzF6G5cFFxOQeEAE&cid=CAQSTwDICaaNfHNCu8-yFj-cpoCAVhs48s-APh_NsuE542LdrAR8L5bz8exySHnXS4-bcMWuOsTGL68VfDblARIGCqDcQwoRq-u1b38Fl6YIFycYAQ&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,910,1000,1000,1000&tos=0,910,90,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=2719059971&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700860676934&rpt=562&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2461 42 B
64 B 95ms
94ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmAEQuocfPnbKmuVk3YAUGYGcjddQVAamegdi5gqvmxzHuJZVdhq1hxR2CqHhtvweQ-HivBO31GNXcFtX0VfJh6IZHVY8viuHsap2lEtLi8_fPhpWVGQ-Z_QBVbmUwQdhihsZsgvtSvQ&sai=AMfl-YRIix_k33ODp7Dzesil5xD3y6LGDxAwoed5SZIrFSdRXW_xE901YCIlGsoRMpy1xaZa9OZZ9gm9HzMBlOk8wtKjpOuDkxc9x1rRFbr1phFIktHpARKYHwfPdmCPLeMKwIUbfsrF5qbYlJSgroFtoA&sig=Cg0ArKJSzKN_saimvKTyEAE&cid=CAQSTwDICaaNfHNCu8-yFj-cpoCAVhs48s-APh_NsuE542LdrAR8L5bz8exySHnXS4-bcMWuOsTGL68VfDblARIGCqDcQwoRq-u1b38Fl6YIFycYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2719059974&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700860676932&rpt=605&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2E7 42 B
64 B 94ms
94ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQpoP9kcRYBHZQV4K-2Tea5eDfUgoRyszC-0i5PqGk7S7qLzWUVhIIUwb1_VW_niHjd9MR397LDFtPbi_u2-1MB9V1XQP9lqtQKIebHsKHI2r1dwf7gz-twC2hGOCM8DW3aoWDBRgBDA&sai=AMfl-YTVpegVJi-mcmopuiwnD4i-gvC3Bk4y7zpn8fAIZ0tltOTos4ZY5z7JdWkstbKQt1fsG35jOO_TZz6zOGvQwyX2t_PAQaJD1JsW_ykCU3dcND_LEdfl3QxD8EP834RR8AaeW5nwrkBatlMoXWByjQ&sig=Cg0ArKJSzE1NyjHPv_6gEAE&cid=CAQSTwDICaaNfHNCu8-yFj-cpoCAVhs48s-APh_NsuE542LdrAR8L5bz8exySHnXS4-bcMWuOsTGL68VfDblARIGCqDcQwoRq-u1b38Fl6YIFycYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2719059973&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700860676929&rpt=644&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 92B7 0
54 B 84ms
83ms Ping
image/gif 2607:f8b0:4001:c0e::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpd4j602&c=3246170025864&slotId=1623085012932&qqid=CJPsjuPH3YIDFbuOjggdUqQI5g&umsem=0&ple=1&ape=1&met.4=vil.lpd4j6ct~vfl.lpd4j6in
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/550964233668833c70e8a0f193337640.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0e::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 21:17:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
defaultpassword.us/	1969-12-31 23:59:59	Name: a0449572a381af734a7e7e8c03b43a97 Value: d787mglv11vsn48h1bap751pl5
.defaultpassword.us/	1970-01-21 01:49:16	Name: __gads Value: ID=90616884f30b8ea8:T=1700860675:RT=1700860675:S=ALNI_MbyFxyAqyNF644HOiy1ChHfLMIqdg
.defaultpassword.us/	1970-01-21 01:49:16	Name: __gpi Value: UID=00000da3b1cbd1f1:T=1700860675:RT=1700860675:S=ALNI_MZeEWNe4F4vcD-zRNRB-g_645qVSQ
.doubleclick.net/	1970-01-20 16:27:44	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:03:40	Name: IDE Value: AHWqTUlMicYxvc8AL8s9ufc6NdDTK5RiggM-XDXNbC9LIlAZJEISLEbyuqe6qipKrY0
.googleadservices.com/	1970-01-20 18:37:16	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://defaultpassword.us/ Message: Mixed Content: The page at 'https://defaultpassword.us/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://defaultpassword.us/ Message: Mixed Content: The page at 'https://defaultpassword.us/' was loaded over HTTPS, but requested an insecure script 'http://www.statcounter.com/counter/counter.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
defaultpassword.us
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
rr3---sn-q4fzenee.googlevideo.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
pagead2.googlesyndication.com
www.statcounter.com
173.194.175.154
198.252.98.72
2607:f8b0:4000:25::8
2607:f8b0:4001:c0e::78
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:821::2004
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c04::71
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c0b::95
2607:f8b0:400d:c0c::9b
2607:f8b0:400d:c0e::84
74.125.192.155
00eb4919d83af15b012ef0da0b1012dedaae55807423258a300c8d6e5d9a8ab2
0951a3f6f3674a4504f19f074058d304f08ec9f57545f6c37a61a3376614653e
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a
12f21df526f90682ad5823e87b2ef8f0921bbf841b2d0fc93f685192fef5f6f9
13926a8a0d63182ef30917a4a936394a72c20929454b79cbd6124ab52788d615
15a3848dc77640fd9584978b7ad7b068e2831c9e024f3cb734ac9c6807db154a
17fdde6778e646fa50486d7a30f4e246a0f66e57ad3f4f12459d2ae2280e92c9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a2dea11787a549e24840cd57ac04d6c6d046f7e41c4420e5e7c3eb4db65f78f
1df1cb1d5b085b0030dfa4ca33051a63a6b4bbab28cf85d5831d813e8cb5e78f
229b555e9199ffa5209a18ed5f75d34128ba2f58921849f8eaad92be08ede149
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2c5fb4011dcb582f784b36c56d9925e8d633fb67595dd7269f9fd718afa076a3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e0d05288cf363c5339457e87961bc809defc6bc6495218bf650829bb35a3d30
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35566dc53f4114c065d80c870d0a77fffc3105a61bc1f4624f1c531c517d357b
3712c8e71d0b027d011350d084f0f358aafdcacb2feb2f2cd6045f9fd1b4744d
3947678739f31430f6e1386abe5c6e83d1b65ab52e8e8961d81a3790b7da3fba
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d8ffd05fa2121cd067c6be168eb716b032cc54fca39ac45bbc90b6b1209003f
3f00d471beda3236d7d87dbacccfdf3f031a8acd76f1c02afa87d6e4bdede6a1
3faf90a5194c60062644f1b9682131bcff3db398489bf5f13aca6bc93415998c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426407faf6f5d430bfb416e6cc2b8d4994db38686c0e98a919ba0b2d7f4c7537
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
452599f3f0e5a484417df3ad01ed8965beb4ac79fa18cd073feafae5f6b12310
47c0c410f8fd6c52c91dc608366a00197dd4d953b98f30e09b323c97865e7fdf
49ba8be264e9ebcdcccefae3b4ef361684079288fda41c69cd111f38ad0787ec
4c3a239dc3b7e0a74e2557957294fac25f4cf7f6f9d15bc4af042c251dbc3d13
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d49f3103a8f901180cf23db9136767411423ebc36e6811b7225b7f1a0854cb3
4f71942563d6e0caed1586db76b306effc3f52066d6a5382bddff062aab8da50
51eef9bb95fda685d270351bdbe9b28253eba85f297ed67cad2fc9e9290798d6
5395c28d179bc90a53e0a96f55d227ee9576fd61d260799b953435cb443b21b7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
6d80f07601070f83fad523324e0ae0966c5eca6a552eefc0e706c57d7f2b6dd7
6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
72a479c0136b8698d7356d248e6f50ea12840bd812b3527c21dd9a55d4770ac1
751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78
75722b141f4aad645e2e8c2e27de71f31b000f8b5b2a0a573647b9f541c7ca6c
7a60808f268f358768b2eb29ab786106b638764e9891f81bed0ce856792e2c54
7b43fdfa91335b80a2198fb64b6c6a9e1e96761e786d32928763a4b7fcb94649
7d05b917076aeb2e4518e25eb75f8f08c16e4638c041ab3db862f6b38c296e42
7f169f96e617411c0dffebf360e76f1c50acbaa67a4e8b0507631dbc8ba3beb9
817b7a132bd64eb29841f7ddc981b1994e4c2a0fcd565248960ffc32421d2752
819f1e28783021c0b565ed231c2d4440ba5293b8ca0f2a3e1715dc8ca5ef8997
86206484892026f976f8cc0a0a3bf5ee3620c102ada60f3f1ef75546f307955c
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90a57f317fa4ca67e4d2a87f9b7d71fcc265393ae067a5610905b54d1b99dfdc
917803625359b1e186e59ac1f51a27534483196f1afe046244adc782154e301c
927ac15accc3be7c2dd4c309e3fb08e1be531ed5a4cea1de5cab5bb4fbc6edf0
93ede442328b91b5f5c6cb6f553e3bb9915593ef78889c369da022b63a596384
95459e3e1eba1a0c20605b915a30e4099561b6dcd53a6b000b44b25813bcc8d9
9b5bcbbfa6ee566931977b6b7fab31ac1afc749a6eec60297c5470c78a1fdd5d
9b5cb4899c757d8f3785742cd919ee4c8117bc6d96dc8b84bcf77b472a6d6105
9ef9fa47875e85a57565b49e6a0760db63463dc7e4d52d18399831a72d29cf01
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a48b3a7c8ca6d99f92c0214a724741abb29f7d98b171d12ce2c5f8d020c674d1
a4f55778ab8037c1ff47ab028b9c967236bdbe36d56414ae409f2f4ed635f8f8
a6635fe3019431e9d2f897202aa92754787b398cb5b7758259db1b942b633b73
a6a898db1d26ad25fe3678a4a75f826c82e9b528d52ba48130c750985d3679de
a6c37e9ec3b8c81da2e0826ce933819cb8e126585774b8da3df771c631252982
ace69168adcb8d85c57e8dd6a06876e932bd1b320aec11c118aa5a56ccea09a7
b0b286c743c911f58613d9bfa5fd7c816f370a2cb12e25393857939d5e3cf3e5
b5ec79db77727b5704ed58480a13866f37dbf53b3d7aa50b03e3139ed8487f7c
b8789c89b59d311603e26e92c0d625f3de7875846ec3f17cab65fd15a3a6db27
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bc878d167abfe61265f68dc708521b32cc9fcc6a239a194e85c31db92e61f3c9
c01b6d0ea3cb6a1358f90f5c9681bc50df2ba439d184e7df0f05ab11456ea436
c08ab2e236a5cc8d47291e9a9942c90dfd24b121b842faf677d19b744c54cbcd
c8a0410d318ed395529cb3cb3f331cb615d2a74daa0bf070d0ca51b805d429f7
c92b0e11f4c6167a7730a52ecb65c43602ea321a01ae37ca58deb4e6545bccff
cb255f073f73e954171c15028915f286b4624b5cb99f40aa81068f2d5164c366
ce076c8cce964dad65f60dfd311eb04a18c2bbbf859163ec2d23c4c94a082def
cf70be681126b8ebccd038379b5fb626ce8386aa9015617548229bdac1efa6ae
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
db7baccef2c2c34e925214cfaa620203834e818fe0ea83d64936e66b69733a4d
ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d
de49b2da2af38957fe452847d9eba21a84cf11cf226a95e72be2f7dea0e49e7e
dee1e2e59194985566cf7421308f9841c218cbc6bea785bcf2c30a266bede032
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
e22497decab5e516d54eb70c8bd3c0093fb99f77591c645bd121fb9d541f6556
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4607257991062b9a277cce9a61abef0cc3534ff27ef7fccc21832e8b26d0950
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce
e5dda32a36ae98a618f3d12fdbea8f0c57f68fb92035277e8993774899f511a0
e870455d244bf2db0924de127630d0f506b3138b2815d5f75a3940c2fe011943
e9d95adb4021114724ca3401138f26a02a679633bd43c1f9ee9ea17ae65cd97b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f905666d094994ce08119d631f65d93f6f1242050b5bd9289310fa538e195c15
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
ffa5fa7d068187d679bdbcd79e8ba3f11fe511e8e676e1df0a103311fc70536f

defaultpassword.us Open in urlscan Pro 198.252.98.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

97 %HTTPS

79 %IPv6

12 Domains

15 Subdomains

15 IPs

1 Countries

2290 kBTransfer

4485 kBSize

6 Cookies

4 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

defaultpassword.us Open in urlscan Pro
198.252.98.72 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

97 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

15
IPs

1
Countries

2290 kB
Transfer

4485 kB
Size

6
Cookies

139 HTTP transactions
3 data transactions