www.airblog.org Open in urlscan Pro
78.46.71.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airblog.org.admin-mcas.ms/
Effective URL:
https://www.airblog.org/
Submission: On May 08 via api (May 8th 2022, 7:54:49 pm UTC) from US — Scanned from US

Summary HTTP 153 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 35 domains to perform 153 HTTP transactions. The main IP is 78.46.71.241, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.airblog.org.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.

This is the only time www.airblog.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.224.188.157 52.224.188.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:8290	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 54	78.46.71.241 78.46.71.241	24940 (HETZNER-AS) (HETZNER-AS)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	23.55.166.87 23.55.166.87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:141b:13:... 2600:141b:13::b833:928b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:13:... 2600:141b:13::b833:92eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
2	2620:116:800b... 2620:116:800b:21:559e:e8a8:8a19:7f11	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.146.43 52.48.146.43	16509 (AMAZON-02) (AMAZON-02)
1	13.225.66.191 13.225.66.191	16509 (AMAZON-02) (AMAZON-02)
2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
12	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:aa00:6:44e3:f8c0:93a1	() ()
2	141.95.98.71 141.95.98.71	() ()
1	2607:f8b0:400... 2607:f8b0:4006:824::200a	() ()
2 3	15.197.193.217 15.197.193.217	() ()
1	34.120.155.137 34.120.155.137	() ()
5	52.30.190.237 52.30.190.237	() ()
1	142.250.80.2 142.250.80.2	() ()
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	() ()
2	74.119.119.139 74.119.119.139	() ()
1	8.43.72.97 8.43.72.97	() ()
1 1	142.250.81.226 142.250.81.226	() ()
1 2	199.187.193.192 199.187.193.192	() ()
2 2	68.67.160.132 68.67.160.132	() ()
2 2	104.36.115.109 104.36.115.109	() ()
1	35.211.144.1 35.211.144.1	() ()
1	46.137.175.60 46.137.175.60	() ()
15	2607:f8b0:400... 2607:f8b0:4006:81f::2001	() ()
153	38

1 52.224.188.157 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

airblog.org.admin-mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:8290 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 78.46.71.241 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: 1422139.vhosting-it.com

airblog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airblog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.166.87 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-166-87.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::b833:928b (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

csync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::b833:92eb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

csync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (Valence, France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:559e:e8a8:8a19:7f11 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.146.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-146-43.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.66.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-191.ewr53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81c::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:aa00:6:44e3:f8c0:93a1 (None, )

ASN- ()

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.71 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (None, )

ASN- ()

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.190.237 (None, )

ASN- ()

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.192 (None, ) 1 redirects

ASN- ()

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.109 (None, ) 2 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.144.1 (None, )

ASN- ()

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.175.60 (None, )

ASN- ()

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81f::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	airblog.org 1 redirects airblog.org www.airblog.org	2 MB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com	283 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net	93 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	381 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 11959 s.cpx.to	7 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com	2 KB
4	smartadserver.com 2 redirects csync-global.smartadserver.com — Cisco Umbrella Rank: 12923 csync-us.smartadserver.com — Cisco Umbrella Rank: 13618 sync.smartadserver.com	1 KB
4	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 25011	224 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com	33 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	google.com www.google.com — Cisco Umbrella Rank: 20 adservice.google.com	23 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 170553	50 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	630 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	id5-sync.com id5-sync.com	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2525	24 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1338 pixel.quantserve.com	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 24208	6 KB
1	casalemedia.com as-sec.casalemedia.com	429 B
1	adleadevent.com adtrack.adleadevent.com	526 B
1	bidswitch.net pool.grid-data.bidswitch.net	244 B
1	rubiconproject.com token.rubiconproject.com	661 B
1	googleadservices.com partner.googleadservices.com	645 B
1	rlcdn.com api.rlcdn.com	280 B
1	quantcount.com rules.quantcount.com	1 KB
1	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 31716	2 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1014	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1119	814 B
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2283	184 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 8483	30 KB
1	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 26391	272 B
1	admin-mcas.ms airblog.org.admin-mcas.ms	1 KB
0	mathtag.com Failed sync.mathtag.com Failed
153	35

	Domain	Requested by
53	www.airblog.org	www.airblog.org
15	tpc.googlesyndication.com	googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	www.google.com googleads.g.doubleclick.net www.gstatic.com
5	s.cpx.to	p.cpx.to www.airblog.org
4	ads.themoneytizer.com	www.airblog.org ads.themoneytizer.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	pagead2.googlesyndication.com	www.airblog.org pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.airblog.org googleads.g.doubleclick.net
3	mcasproxy.azureedge.net	airblog.org.admin-mcas.ms mcasproxy.azureedge.net
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.smartadserver.com	1 redirects www.airblog.org
2	mug.criteo.com	www.airblog.org
2	id5-sync.com	ced.sascdn.com ads.themoneytizer.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	www.google.com	www.airblog.org www.gstatic.com www.google.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pool.grid-data.bidswitch.net	www.airblog.org
1	cm.g.doubleclick.net	1 redirects
1	token.rubiconproject.com	www.airblog.org
1	pixel.quantserve.com	www.airblog.org
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.rlcdn.com	js-sec.indexww.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	kvt.sddan.com	ads.themoneytizer.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	csync-us.smartadserver.com	www.airblog.org
1	csync-global.smartadserver.com	1 redirects
1	ced.sascdn.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	airblog.org	1 redirects
1	airblog.org.admin-mcas.ms
0	sync.mathtag.com Failed	www.airblog.org
153	46

This site contains links to these domains. Also see Links.

Domain
wordpress.org
envothemes.com
cookiedatabase.org

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft RSA TLS CA 01	`2021-10-28` - `2022-10-28`	a year	crt.sh
airblog.org R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2022-03-10` - `2023-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
c.tmyzer.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
kvt.sddan.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-25` - `2023-03-07`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.airblog.org/
Frame ID: A8C7AFE7EA83FDC13F683FA8534258BD
Requests: 103 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Frame ID: 521F6917FA31B60E0A666E816F519437
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1652039685128
Frame ID: 4135734779C1AEE0E3E0ED0249E9C5CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: C54EE81D82CD7F0C3128DC3CA2901DA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685546&bpp=10&bdt=1102&idt=587&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&correlator=3364916976548&frm=20&pv=2&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RnBEu5mAFU&p=https%3A//www.airblog.org&dtd=636
Frame ID: 508CC43757DFF65C3FEF803B9576214A
Requests: 9 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.airblog.org%2F%3F&id=MTIZ
Frame ID: 1A7EE5967C26997B31587D237FD1B5B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685556&bpp=7&bdt=1112&idt=678&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KLMbobVGYv&p=https%3A//www.airblog.org&dtd=721
Frame ID: 4485AEB6276E62D163C1AF335A28F007
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970
Frame ID: F0F5D4761BB49373B6332A2A06FEFC7F
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=ogs2reuyat2s
Frame ID: 144C8DE5B5D07070FC2F4029FF745CF6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&adk=318159125&adf=2184669829&lmt=1652010239&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.airblog.org%2F%3F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039686045&bpp=2&bdt=1602&idt=719&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280%2C360x280&nras=1&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=768
Frame ID: 1865CC530E2F0E4B5A396EBC4EC59795
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 8E22267868E07A38F67CFD5B256AB0D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: AB7E26B5BE87F7C551B936CA1B0A65B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: 733D418039AD2479C491AD339524DF0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AIRBLOG - ARCHIVIO TECNOLOGICO -close

Page URL History Show full URLs

http://airblog.org.admin-mcas.ms/ Page URL
http://airblog.org/ HTTP 301
https://www.airblog.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

153
Requests

88 %
HTTPS

41 %
IPv6

35
Domains

46
Subdomains

38
IPs

5
Countries

3094 kB
Transfer

5526 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://envothemes.com/
Title: Envo Magazine

Search URL Search Domain Scan URL

URL: https://cookiedatabase.org/tcf/purposes/
Title: Per saperne di più su questi scopi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airblog.org.admin-mcas.ms/ Page URL
http://airblog.org/ HTTP 301
https://www.airblog.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://csync-global.smartadserver.com/1097/CookieSync.html HTTP 302
https://csync-us.smartadserver.com/1097/CookieSync.html

Request Chain 87

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=4998728711383449237&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Request Chain 93

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XggAaHxhcG5RYU5Eb2NEbWRUY0lJNDh5QkdvTTJ4MTMxVHpIaFp4SEVaUmxsd0NzTjJTRmdmUmZPb1h3clRTNFFZUnQyWkJoRzQraFFWTUNaTW1MbmhZZTlla0hQdGVKK3U2MXVPNkd0aG1RRk1aK2hQMGpYQ1hWOWlSejFPb1JWQ2J6VWhRVTAzNDZRd25wOTdRbHZJU2VOaU9IdlJkOTg0T1owQVhkK1psamRtQngxdFBRUEJCbzMyN0dqa3BUTUM1Nno5NW1PdXlabHdUQ00xSVRubW80L0tJKzN6ZUFod3BZS3VXV1ZCb0JTcGowPXw&cppv=2

Request Chain 97

https://id5-sync.com/i/102/8.gif?id5id=ID5*Gag1Efvu0wU7pYwiPClqKGJ4r8DQqizLzptnG7aWmncRYy3JQpMvr2IeWtu7F4wT&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=7304595084150762221&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/6/3.gif?puid=4998728711383449237&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&google_gid=CAESENGnADG0uBnjFmRuKuMUwT8&google_cver=1

Request Chain 106

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0&cklb=1

Request Chain 107

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3Dhttp%253A%252F%252Fairblog.org.admin-mcas.ms%252F%26url%3Dhttps%253A%252F%252Fwww.airblog.org%252F%253F%26hn_ver%3D40%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253Dhttp%25253A%25252F%25252Fairblog.org.admin-mcas.ms%25252F%2526url%253Dhttps%25253A%25252F%25252Fwww.airblog.org%25252F%25253F%2526hn_ver%253D40%2526fid%253Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4998728711383449237&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

Request Chain 108

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9BEA1156-0746-4B19-812C-93BB23B66004&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

Request Chain 109

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=dc532926-9f65-4574-8403-871eab9654ca&dsp=TTD

153 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
airblog.org.admin-mcas.ms/ 1 KB
1 KB 165ms
62ms Document
text/html 52.224.188.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://airblog.org.admin-mcas.ms/

Protocol

HTTP/1.1

Server

52.224.188.157 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

9a5213cf9e6ba5680022244266ded05532e568d7cf682740b169ee681344025b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 08 May 2022 19:54:42 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 2
X-MCAS-Request-Id: b7427b5568285c5858a8b882772ed21f
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.14.48/js/ 7 KB
8 KB 278ms
68ms Script
application/javascript 2600:141b:13::17d7:8290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-store-helper.min.js
Requested by: Host: airblog.org.admin-mcas.ms
URL: http://airblog.org.admin-mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075

Request headers

accept-language: en-US,en;q=0.9
Referer: http://airblog.org.admin-mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 19:54:42 GMT
last-modified: Mon, 02 May 2022 12:15:41 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: HzQhQbcTmGXRWSfOLdiXQw==
etag: 0x8DA2C35798FA034
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c175ba0a-201e-0039-2db9-628f8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496542
x-ms-version: 2009-09-19
content-length: 7569

GET
H2 200 session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.14.48/html/ Frame 521F 281 B
729 B 67ms
67ms Document
text/html 2600:141b:13::17d7:8290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: http://airblog.org.admin-mcas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496564
content-length: 281
content-md5: vDuuGHIdcY/gQtnraxH9qw==
content-type: text/html
date: Sun, 08 May 2022 19:54:42 GMT
etag: 0x8DA2C35AC9A45B2
last-modified: Mon, 02 May 2022 12:17:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1bf00724-501e-003d-3cb9-627a0d000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.14.48/js/ Frame 521F 40 KB
41 KB 72ms
72ms Script
application/javascript 2600:141b:13::17d7:8290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8290 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.14.48/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 19:54:42 GMT
last-modified: Mon, 02 May 2022 12:15:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: rvb+tkBFoqsvGgzyWOxnDQ==
etag: 0x8DA2C3579502B68
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c175bd19-201e-0039-77b9-628f8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31496592
x-ms-version: 2009-09-19
content-length: 41368

GET
H2

200

Primary Request / Show response
www.airblog.org/
Redirect Chain

http://airblog.org/?
https://www.airblog.org/?

100 KB
16 KB

850ms
293ms

Document
text/html

78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PHP/7.4.29 PleskLin
Resource Hash: 6f2d216249fa0403988a11f971042cda8aca1e057434422d93bfa2593ef092ef

Request headers

Referer: http://airblog.org.admin-mcas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 16330
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 19:54:44 GMT
last-modified: Sun, 08 May 2022 11:43:59 GMT
server: nginx
vary: User-Agent
wpo-cache-status: cached
x-powered-by: PHP/7.4.29 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 08 May 2022 19:54:43 GMT
Location: https://www.airblog.org/?
Server: nginx

GET
H2 200 style.min.css
www.airblog.org/wp-includes/css/dist/block-library/ 81 KB
10 KB 192ms
188ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"624ce224-145db"
last-modified: Wed, 06 Apr 2022 00:43:16 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 styles.css
www.airblog.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 198ms
195ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"621dff80-aab"
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 wp-date-remover-public.css
www.airblog.org/wp-content/plugins/wp-date-remover/public/css/ 98 B
374 B 242ms
239ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/wp-date-remover/public/css/wp-date-remover-public.css?ver=1.0.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: gzip
etag: "62-5d6a2e2602c9f-gzip"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 106
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 cookieblocker.min.css
www.airblog.org/wp-content/plugins/complianz-gdpr-premium/assets/css/ 1 KB
689 B 164ms
161ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieblocker.min.css?ver=6.0.14
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8af68f83b12515bf2b6eb71eb160a35765cba6c72bafb2566061b34fbcedb459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"61f413d0-5fd"
last-modified: Fri, 28 Jan 2022 16:03:28 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 243ms
83ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5773246ab9ff5dfb7d8eddde1cba8b596badf0c4414f1b37ce24db69d106c77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 19:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 19:54:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 19:54:44 GMT

GET
H2 200 bootstrap.css
www.airblog.org/wp-content/themes/envo-magazine/css/ 66 KB
10 KB 240ms
238ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/bootstrap.css?ver=3.3.7
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"61f3d5e2-10893"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 style.css
www.airblog.org/wp-content/themes/envo-magazine/ 32 KB
6 KB 211ms
209ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/style.css?ver=1.3.12
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f7a2f6732915bf51f4c1c55e0db025e3d106a69d40aa6fb9c28219418f81c922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"61f3d5e2-810c"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 font-awesome.min.css
www.airblog.org/wp-content/themes/envo-magazine/css/ 30 KB
7 KB 301ms
300ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
etag: W/"61f3d5e2-7918"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:44 GMT

GET
H2 200 jquery.min.js Show response
www.airblog.org/wp-includes/js/jquery/ 87 KB
30 KB 344ms
343ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-15db1"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.airblog.org/wp-includes/js/jquery/ 11 KB
4 KB 161ms
160ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-2bd8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-date-remover-public.js Show response
www.airblog.org/wp-content/plugins/wp-date-remover/public/js/ 838 B
705 B 386ms
385ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/wp-date-remover/public/js/wp-date-remover-public.js?ver=1.0.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: gzip
etag: "346-5d6a2e2603087-gzip"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 479

GET
H2 200 logo.jpg
www.airblog.org/wp-content/uploads/2019/11/ 13 KB
14 KB 433ms
414ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/11/logo.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b3a66a92ba645a81f3be52f412f621bf7b0cec656dad0ca354840953eb8a2bdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-35bf"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13759
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
51 KB 300ms
123ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad03183b18118b9fb32a9906e2b1f763eeba064175b014d3e17cd02f0b6a06fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51173
x-xss-protection: 0
server: cafe
etag: 16551474018159781281
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 May 2022 19:54:45 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min.jpg
www.airblog.org/wp-content/uploads/2019/01/ 30 KB
30 KB 433ms
414ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: df0af21979edaeac51f768c69a72eb3804fc6425346f171b6839c326a8cdaef4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-766c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30316
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 scoprire-nome-da-indirizzo.jpg
www.airblog.org/wp-content/uploads/2016/07/ 563 KB
564 KB 192ms
174ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/07/scoprire-nome-da-indirizzo.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f0989c5e16cbf933b4473698a865f0023589d2a2021fb516d81bfa3d9bc2988a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e2-8ccc1"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 576705
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-1000x641.jpg
www.airblog.org/wp-content/uploads/2022/01/ 74 KB
74 KB 431ms
413ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-1000x641.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 5e1959636a4c2e11cd8b36ffbbca8e00131fd2e1cc371a6a4e0d65f6f47a6050

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e4-127ab"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 75691
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min-720x311.jpg
www.airblog.org/wp-content/uploads/2019/01/ 26 KB
26 KB 597ms
579ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min-720x311.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8d047bda78f411b89fae57e2cf3a9ae2167985eb4b6534eb26f470397abae8e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-6614"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26132
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 computer-spento-160x120.jpg
www.airblog.org/wp-content/uploads/2019/03/ 4 KB
5 KB 596ms
580ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/03/computer-spento-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8dfa47d90b2c2d2e54b25c23ec95c125a116bb550b8c438bcbd3a4439258519f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-118c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4492
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 only-office-160x120.jpg
www.airblog.org/wp-content/uploads/2021/03/ 4 KB
4 KB 595ms
580ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/03/only-office-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8d47cc1b7cf6a7d253890cd1c86c372ca1cb31d9bcc156193c1fca42e821b987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-ea8"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3752
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 corso-grafica-pubblicitaria-160x120.jpg
www.airblog.org/wp-content/uploads/2021/01/ 4 KB
4 KB 596ms
581ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/01/corso-grafica-pubblicitaria-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 3715d898091d218facfde51025bc504a59b4cc8a6a388061ae0af810fc2678dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-eca"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3786
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 attivare-disattivare-avviso-di-chiamata-min-160x120.jpg
www.airblog.org/wp-content/uploads/2019/01/ 5 KB
5 KB 597ms
582ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/01/attivare-disattivare-avviso-di-chiamata-min-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8c74567dc7b8ad6305d04a844576b6d80b53fae701e2f3072b1dee98ecb26794

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-125a"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4698
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-160x120.jpg
www.airblog.org/wp-content/uploads/2022/01/ 5 KB
5 KB 596ms
582ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 53a876a4f4b7d9b7437e5c21bc37146d0980d4d21444365038f3df443154e950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e4-1468"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5224
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 scala40-720x405.jpg
www.airblog.org/wp-content/uploads/2021/05/ 48 KB
48 KB 597ms
582ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/05/scala40-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 7cc134912df21850088036f583fbfeefb6baa7a2a5bdbf253b8d024ae6a56e4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-c0ec"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49388
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 fortnite-come-sbloccare-fase-quattro-skin-prigioniero-v3-364951-1280x720-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 50 KB
50 KB 597ms
583ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/fortnite-come-sbloccare-fase-quattro-skin-prigioniero-v3-364951-1280x720-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: d153888853d763598eab808a0b1de15c8a710a958191cead9288b2e76c8fc3f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-c7f3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 51187
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 fortnite-capitolo-2-trailer-di-lancio-1200x630-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 68 KB
68 KB 612ms
598ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/fortnite-capitolo-2-trailer-di-lancio-1200x630-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 319f22513aa812f96bf8b5dbb6c9e493dd01c197b7818a549b91c8140d88888b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-10f1c"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69404
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 buco-nero-fortnite-arriva-proposta-pornhub-utenti-v3-405260-1280x720-720x405.jpg
www.airblog.org/wp-content/uploads/2019/10/ 6 KB
6 KB 605ms
591ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/10/buco-nero-fortnite-arriva-proposta-pornhub-utenti-v3-405260-1280x720-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 6fe859cc9b0b4c24daf635f4203f7e6c92230369ad24686616f64b8a3dffa26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-18b5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6325
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 spongebob-nuovo-videogioco-720x405.jpg
www.airblog.org/wp-content/uploads/2019/09/ 60 KB
60 KB 610ms
597ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/09/spongebob-nuovo-videogioco-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 976ce9d9acb9658e97840767d7ba2988a7e405c6b65d09331859c820791c1c4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-eee0"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61152
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 Fortnite-720x405.jpg
www.airblog.org/wp-content/uploads/2019/09/ 64 KB
64 KB 607ms
593ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/09/Fortnite-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b187e1e9324f0295eb618a1639815f27538926a181f86c3a4a1e9e76f7282157

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-100e3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65763
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 iphone-12-fotocamera-come-funziona-720x405.jpg
www.airblog.org/wp-content/uploads/2021/05/ 54 KB
54 KB 606ms
593ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/05/iphone-12-fotocamera-come-funziona-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 514d168fcfac4a69ed0fbe1508eec4a7a66a465456149ed2c294f59035e908b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-d8a5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55461
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 cartucce-stampante-160x120.jpg
www.airblog.org/wp-content/uploads/2020/08/ 4 KB
4 KB 604ms
592ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/08/cartucce-stampante-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: f641acb5aef9ad3c1795e08ab4b07b11abab1bf27a46fc0ee0a09bdc5400f55e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-f77"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3959
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 erp-160x120.jpg
www.airblog.org/wp-content/uploads/2020/07/ 5 KB
6 KB 608ms
596ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/07/erp-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 25a9b61a13f84c11ed5ae966543a5850d29fa31725b68733c140801bcbe637bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-156d"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5485
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 immuni-app-coronavirus-160x120.jpg
www.airblog.org/wp-content/uploads/2020/04/ 6 KB
6 KB 603ms
592ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2020/04/immuni-app-coronavirus-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: af3ce861484039c35a1811f0b24c2073a3885273954c8bbc16c53815cc2c8f96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-1850"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6224
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 Migliori-Smartphone-2019-696x392-160x120.jpg
www.airblog.org/wp-content/uploads/2019/03/ 6 KB
7 KB 609ms
599ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2019/03/Migliori-Smartphone-2019-696x392-160x120.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: fddbd81c9f8ae7dbaaf16aec67e5db4e4707aa06ca062737eedc13c5e115f112

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-19b3"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6579
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 windows-10-novit-settimana-scaricare-installare-conviene-subito-o-aspettare-problemi-soluzioni-primo-aggiornamento-a-breve.jpg
www.airblog.org/wp-content/uploads/2016/10/ 38 KB
38 KB 604ms
595ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/10/windows-10-novit-settimana-scaricare-installare-conviene-subito-o-aspettare-problemi-soluzioni-primo-aggiornamento-a-breve.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 4db5040b38ec7a9aa5e7f7200e540a5b2e3c6f7ff8f027bb45acb98de8b41205

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e2-9839"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38969
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 seleziona-tutti-su-facebook.jpg
www.airblog.org/wp-content/uploads/2016/05/ 112 KB
112 KB 601ms
592ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2016/05/seleziona-tutti-su-facebook.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 1dcb7b0b76d8b08d2c572f9df3b28aefb7b29a35f04812dcdcb91a0ef87a0f6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e2-1bf6d"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 114541
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 come-vendere-di-piu%CC%80-attraverso-Google-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 39 KB
39 KB 603ms
594ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/come-vendere-di-piu%CC%80-attraverso-Google-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: b5c62131a0575cca97da8d53cecf82538ec888c994bed1134bf929a674dacd87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e4-9bcd"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39885
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 Tutti-pazzi-per-il-dropshipping-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 47 KB
48 KB 602ms
593ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/Tutti-pazzi-per-il-dropshipping-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 9a297de328634be2246c3dbef0c619d1cf8d4858e592baedbd712041898df72b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e4-bd3e"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48446
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 analisi-dei-competitor-720x405.jpg
www.airblog.org/wp-content/uploads/2022/01/ 48 KB
48 KB 602ms
594ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/01/analisi-dei-competitor-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 6c924400dc0bafd7bc6e33c58502800262426bc2696b6995dff4189261ec17de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e4-be9a"
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48794
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 corsi-di-fotografia-720x405.jpg
www.airblog.org/wp-content/uploads/2022/02/ 47 KB
48 KB 604ms
596ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2022/02/corsi-di-fotografia-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 8de58826e0ea4c15255efaf99058147349aaa938684ed7d9bcc77788ee5daa94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "6200fefc-bdce"
last-modified: Mon, 07 Feb 2022 11:14:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48590
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 ddos-attack-800x500_c.jpg
www.airblog.org/wp-content/uploads/2017/01/ 54 KB
55 KB 602ms
594ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2017/01/ddos-attack-800x500_c.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: a23682dd7421e99919fc31901326d5e9d9d0cd722ae8e55afed0549a93a97e05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e2-d9d3"
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55763
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 antivirus-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 16 KB
16 KB 603ms
595ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/antivirus-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 98e8d18ad3a3ccd09313b477fe69971f58850834e52fba04bf733d7e4113cc11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-4105"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16645
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 gadget-marketing-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 48 KB
49 KB 603ms
595ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/gadget-marketing-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 0897bd600f16f8867b46fdb9058e820bfa6cc1bdf01a1975219b553c7a7fc2d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-c1bf"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49599
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 agenzia-seo-720x405.jpg
www.airblog.org/wp-content/uploads/2021/10/ 19 KB
20 KB 601ms
594ms Image
image/jpeg 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airblog.org/wp-content/uploads/2021/10/agenzia-seo-720x405.jpg
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: fc5166447e6081f9e7260b18e7b982af56cfb0c252e2f25575d3d49181a8f3d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
etag: "61f3d5e3-4dc5"
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19909
expires: Mon, 08 May 2023 19:54:45 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 137ms
37ms Script
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: gzip
server: nginx
x-hw: 1652039684.cds043.mi1.hn,1652039684.cds040.mi1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2073

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 67 KB
13 KB 124ms
39ms Script
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a00fd4974dcbb8c4d9c62d6d91b2f0a2ba3a18caad457cf87c2e6d7eb182759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: gzip
server: nginx
x-hw: 1652039684.cds043.mi1.hn,1652039684.cds048.mi1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12739

GET
H2 200 regenerator-runtime.min.js Show response
www.airblog.org/wp-includes/js/dist/vendor/ 6 KB
2 KB 153ms
153ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e4-195e"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
www.airblog.org/wp-includes/js/dist/vendor/ 19 KB
7 KB 161ms
161ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:16 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e4-4b3d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
www.airblog.org/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 161ms
160ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"621dff80-25f8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
www.airblog.org/wp-content/themes/envo-magazine/js/ 7 KB
2 KB 164ms
147ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/js/bootstrap.min.js?ver=3.3.7
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:44 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e2-1c20"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 customscript.js Show response
www.airblog.org/wp-content/themes/envo-magazine/js/ 4 KB
867 B 436ms
416ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/js/customscript.js?ver=1.3.12
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: ea4e05b419e4603038c3140f01d23296d4981e4f4a0107a7d9d2bf781acef11c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e2-e8b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 265ms
100ms Script
text/javascript 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&ver=3.0

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0b12ed38dbb008349e5e39981d20acf4a4062ac5ad38bac3ea35ca3f80da430

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 19:54:45 GMT

GET
H2 200 index.js Show response
www.airblog.org/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
733 B 435ms
416ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
etag: "3e7-5d9263bdf9b64-gzip"
last-modified: Tue, 01 Mar 2022 11:12:00 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 507

GET
H2 200 complianz.min.js Show response
www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/ 40 KB
9 KB 605ms
599ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: c8c9b01c729ee2da404f2d4f1cc65c5397ee4efc4d6d67c7441cc31fb09e303d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 16:03:29 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f413d1-9fd2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
www.airblog.org/wp-includes/js/ 18 KB
5 KB 605ms
598ms Script
application/javascript 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 11:39:15 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"61f3d5e3-4705"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 223ms
68ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:31 GMT
x-content-type-options: nosniff
age: 423374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:18:31 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 243ms
89ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:19:25 GMT
x-content-type-options: nosniff
age: 423320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:19:25 GMT

GET
H2 200 fontawesome-webfont.woff2
www.airblog.org/wp-content/themes/envo-magazine/fonts/ 75 KB
76 KB 566ms
565ms Font
font/woff2 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/themes/envo-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.airblog.org/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
last-modified: Fri, 28 Jan 2022 11:39:14 GMT
server: nginx
x-powered-by: PleskLin
etag: "61f3d5e2-12d68"
content-type: font/woff2
accept-ranges: bytes
content-length: 77160

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 234ms
146ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:19:20 GMT
x-content-type-options: nosniff
age: 423325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:19:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 41ms
41ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
x-hw: 1652039685.cds043.mi1.hn,1652039685.cds204.mi1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 16267

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 826ms
304ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=71732&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 May 2022 19:54:45 GMT
Server: nginx
X-IPLB-Request-ID: 2684764A:B11C_36264064:01BB_62782005_1325769F:2BD85
X-IPLB-Instance: 38438
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 92 KB
30 KB 242ms
71ms Script
application/javascript 23.55.166.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.166.87 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-166-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c95fbf9e1dab750326a1d2e0dbdff3d091b0695fcefea56f0ff403496c940a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:54:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 30818
Expires: Sun, 08 May 2022 20:09:45 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 197ms
62ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1647
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H/1.1

200
OK

CookieSync.html Show response
csync-us.smartadserver.com/1097/
Redirect Chain

https://csync-global.smartadserver.com/1097/CookieSync.html
https://csync-us.smartadserver.com/1097/CookieSync.html

0
0

239ms
66ms

Script
text/html

2600:141b:13::b833:92eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync-us.smartadserver.com/1097/CookieSync.html
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Server: 2600:141b:13::b833:92eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Location: https://csync-us.smartadserver.com/1097/CookieSync.html
Date: Sun, 08 May 2022 19:54:45 GMT
Cache-Control: private, max-age=86400
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Mon, 09 May 2022 19:54:45 GMT

GET
H2 204 mapper.js Show response
spl.zeotap.com/ 0
184 B 160ms
65ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7084bfc0cd1867de-MIA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 694ms
152ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:54:45 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 2684764A:D27A_91EFC0A6:01BB_62782005_1EBA2E4:232FB
ETag: "6167dbf8-15ab"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4135 2 KB
814 B 256ms
77ms Document
text/html 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1652039685128

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 234ms
67ms Script
application/javascript 2620:116:800b:21:559e:e8a8:8a19:7f11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 15 May 2022 19:54:45 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12771/ 2 KB
2 KB 648ms
149ms Script
application/javascript 52.48.146.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12771/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.146.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-146-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b7c2f6897797b91368989fdf497f734262181ada58b8003b3e9295e2348c9337

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:54:45 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 247ms
78ms Script
text/javascript 13.225.66.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-191.ewr53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 05:58:40 GMT
Via: 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 50166
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 5S_keYKBp_NM2AJwnpkletQPN-Vd8qyYYFjeVQjXkLnLsGWe9xbk-w==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 311ms
70ms Script
text/javascript 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:54:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 May 2022 19:11:07 GMT
Server: Apache
ETag: "76340d-930b-5de84da95c799"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1265
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sun, 08 May 2022 20:15:50 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/ 650 KB
194 KB 63ms
59ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=71732&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 551ba1ecbe0bbb90ff6dc576dc32dec584bea60f694faa0b39fe66166e7d3818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 08:55:45 GMT
server: nginx
etag: "62208291-a2793"
x-hw: 1652039685.cds043.mi1.hn,1652039685.cds063.mi1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 197945

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 176ms
63ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2351735
x-amz-request-id: tx0bfe2e8ae1f14ccba1126-0062543d8e
x-amz-id-2: tx0bfe2e8ae1f14ccba1126-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHtw1%2B4BOMriO6wNt0JQH5rnAesn5BuzjjA9HrrkwT9NK2aCv9AiUn%2Bz3VT7trgre%2B3MQTxQchOIEEuc5jfHeeCjrLOP8eorjLBtCe3qD9HCQg8kwgTvfipcuAR9YaxVDB22%2BNN4XrMSuHnP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1649687875786561
cf-ray: 7084bfc2a9c609a6-MIA

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 4 KB
2 KB 472ms
145ms XHR
application/json 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https://www.airblog.org/?

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

db0037fc89f3ffe6f3742f500760ec2bc6b965f4039ad9b8a524bfd4418c7e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 08 May 2022 19:54:45 GMT
Content-Encoding: gzip
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.airblog.org
Cache-Control: private, max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/ 308 KB
110 KB 108ms
107ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2c0c8b35cdcfee45ed0246d32b1c5f39ff94bc88ae45d2d87559c91a4b05f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112603
x-xss-protection: 0
server: cafe
etag: 13767787000515467209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 19:54:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame C54E 10 KB
5 KB 238ms
71ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 14:50:17 GMT
etag: 1428802124239944296
expires: Sun, 22 May 2022 14:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 360 KB
143 KB 230ms
69ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Origin: https://www.airblog.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145286
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 296ms
118ms Script
application/javascript 2600:9000:21dd:aa00:6:44e3:f8c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:aa00:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:20:45 GMT
content-encoding: gzip
age: 2042
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 6XLF-8r8sDDLBi_wdcef9bnpcRjNBAljsFaxtBV6EjHIlzpIScl2SQ==

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 453 B
1 KB 467ms
160ms XHR
application/json 141.95.98.71

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 -, , ASN (),

Reverse DNS

Software

Resource Hash

4b59d3f4611209129c1175f5fdb86740b3e59a8f5e4edadb74e599442eb8d168

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.airblog.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 229ms
68ms Script
text/javascript 2607:f8b0:4006:824::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 00:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 00:33:34 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 1351ms
60ms XHR
application/json 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 386c70b09d2cf5c1409995da702d6b7ee84167eeffe0a9b22e2f41a240116032

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 May 2022 19:54:47 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.airblog.org
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 07 Jun 2022 19:54:47 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
280 B 172ms
79ms XHR
text/plain 34.120.155.137

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 310ms
231ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx8bbc4abbbd4a48b2a713b-006276132c
cf-ray: 7084bfc6495d8dac-MIA
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: tx8bbc4abbbd4a48b2a713b-006276132c
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLiK5KxXHqqRI6i37mjZ59VNlgRVkkw%2FpX3t7DyDwztyq3BmSz%2BDPewhMDA%2BZM3tvyX%2BMvj0WmvjAxb%2B1fylK1kuaCnUJjxciSmbZ9rTPZTt1CA9EFsGQLAftvb%2FuKbmSs0cET1%2Fr24DeR2S"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1649687874851815
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H2 200 banner Show response
www.airblog.org/wp-json/complianz/v1/ 124 B
460 B 266ms
258ms XHR
application/json 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airblog.org/wp-json/complianz/v1/banner?lang=it&locale=it_IT&token=dzqgz

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

1422139.vhosting-it.com

Software

nginx / PHP/7.4.29, PleskLin

Resource Hash

7113196619fd9ddf95ab6975a259b6eb5ed973adebf5eb1d4185d18233889b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.airblog.org/?
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
link: <https://www.airblog.org/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.29, PleskLin
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET

img
sync.mathtag.com/sync/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=4998728711383449237&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...

0
0

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 1 KB
2 KB 610ms
153ms Script
application/javascript 52.30.190.237

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12771&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.190.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

6aca192cc70f1806393546414494a80c2ac47230d1ab85cf7fc534ca014b8232

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:54:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1060
Expires: Mon, 21 Mar 2022 12:56:56 UTC

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 230ms
78ms Script
text/javascript 142.250.80.2

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.airblog.org&callback=_gfp_s_&client=ca-pub-3877282152808880

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c239be51a9f5c7ccaaf7a4fdac88716365d297025223d399d263500e33239e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 245ms
84ms Script
application/javascript 2607:f8b0:4006:822::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.airblog.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 508C 69 KB
28 KB 589ms
448ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685546&bpp=10&bdt=1102&idt=587&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&correlator=3364916976548&frm=20&pv=2&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RnBEu5mAFU&p=https%3A//www.airblog.org&dtd=636

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d70fba35f65607cf8dc3afdb182f6de297294ab48e8f080becb7e31d30e306a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:54:46 GMT
expires: Sun, 08 May 2022 19:54:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 189ms
65ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.airblog.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 May 2022 19:54:45 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1145
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.airblog.org%2F&domain=www.airblog.org&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=XggAaHxhcG5RYU5Eb2NEbWRUY0lJNDh5QkdvTTJ4MTMxVHpIaFp4SEVaUmxsd0NzTjJTRmdmUmZPb1h3clRTNFFZUnQyWkJoRzQraFFWTUNaTW1MbmhZZTlla0hQdGVKK3U2MXVPNkd0aG1RRk1aK2hQMGpYQ1hWOWlSej...

350 B
620 B

168ms
57ms

XHR
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XggAaHxhcG5RYU5Eb2NEbWRUY0lJNDh5QkdvTTJ4MTMxVHpIaFp4SEVaUmxsd0NzTjJTRmdmUmZPb1h3clRTNFFZUnQyWkJoRzQraFFWTUNaTW1MbmhZZTlla0hQdGVKK3U2MXVPNkd0aG1RRk1aK2hQMGpYQ1hWOWlSejFPb1JWQ2J6VWhRVTAzNDZRd25wOTdRbHZJU2VOaU9IdlJkOTg0T1owQVhkK1psamRtQngxdFBRUEJCbzMyN0dqa3BUTUM1Nno5NW1PdXlabHdUQ00xSVRubW80L0tJKzN6ZUFod3BZS3VXV1ZCb0JTcGowPXw&cppv=2

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2984
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:46 GMT
location: https://mug.criteo.com/sid?cpp=XggAaHxhcG5RYU5Eb2NEbWRUY0lJNDh5QkdvTTJ4MTMxVHpIaFp4SEVaUmxsd0NzTjJTRmdmUmZPb1h3clRTNFFZUnQyWkJoRzQraFFWTUNaTW1MbmhZZTlla0hQdGVKK3U2MXVPNkd0aG1RRk1aK2hQMGpYQ1hWOWlSejFPb1JWQ2J6VWhRVTAzNDZRd25wOTdRbHZJU2VOaU9IdlJkOTg0T1owQVhkK1psamRtQngxdFBRUEJCbzMyN0dqa3BUTUM1Nno5NW1PdXlabHdUQ00xSVRubW80L0tJKzN6ZUFod3BZS3VXV1ZCb0JTcGowPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.airblog.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1477
content-length: 482
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 453 B
1 KB 234ms
148ms XHR
application/json 141.95.98.71

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 -, , ASN (),

Reverse DNS

Software

Resource Hash

c6bde0f57fb547a76c9a6a14ad5e51b942e0e182ed5b22e0dff4cdd6b5099ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 May 2022 19:54:45 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.airblog.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 1A7E 0
246 B 151ms
149ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.airblog.org%2F%3F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Sun, 08 May 2022 19:54:57 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 30196
X-IPLB-Request-ID: 2684764A:D27A_91EFC0A6:01BB_62782005_1EBA313:232FB

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4485 79 KB
30 KB 521ms
473ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685556&bpp=7&bdt=1112&idt=678&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KLMbobVGYv&p=https%3A//www.airblog.org&dtd=721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30201
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:54:46 GMT
expires: Sun, 08 May 2022 19:54:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

img
sync.mathtag.com/sync/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*Gag1Efvu0wU7pYwiPClqKGJ4r8DQqizLzptnG7aWmncRYy3JQpMvr2IeWtu7F4wT&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=7304595084150762221&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/6/3.gif?puid=4998728711383449237&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...

0
0

GET
H2 200 banner-1-optin.css
www.airblog.org/wp-content/uploads/complianz/css/ 15 KB
3 KB 157ms
156ms Stylesheet
text/css 78.46.71.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airblog.org/wp-content/uploads/complianz/css/banner-1-optin.css?v=16
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.0.14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.71.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 1422139.vhosting-it.com
Software: nginx / PleskLin
Resource Hash: 1cca84cc7aec73c47305daaa71a0529ac7771484c0e5cf2199f0e7f66a4bab1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
content-encoding: br
etag: W/"61f576a3-3cce"
last-modified: Sat, 29 Jan 2022 17:17:23 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 07 Jun 2022 19:54:46 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F0F5 79 KB
30 KB 481ms
480ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:54:46 GMT
expires: Sun, 08 May 2022 19:54:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1925155819;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.airblog.org%2F%3F;ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-16320634...
pixel.quantserve.com/ 35 B
373 B 97ms
83ms Image
image/gif 2620:116:800b:21:559e:e8a8:8a19:7f11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1925155819;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.airblog.org%2F%3F;ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-1632063488-1652039686641;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=airblog.org;je=0;sr=1600x1200x24;dst=0;et=1652039686641;tzo=0;ogl=title.AIRBLOG%20-%20ARCHIVIO%20TECNOLOGICO%2Cdescription.%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eairblog%252Eorg%2F%2Csite_name.AIRBLOG%20-%20ARCHIVIO%20TECNOLOGICO

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 144C 41 KB
21 KB 249ms
102ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=ogs2reuyat2s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VLFEB+dVKYk/2gZHFATNFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21873
content-security-policy: script-src 'report-sample' 'nonce-VLFEB+dVKYk/2gZHFATNFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:54:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 128ms
127ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.airblog.org%2F%3F&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1865 0
20 B 190ms
180ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&adk=318159125&adf=2184669829&lmt=1652010239&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.airblog.org%2F%3F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039686045&bpp=2&bdt=1602&idt=719&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280%2C360x280&nras=1&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=768

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_fy2019.js?bust=31067401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.airblog.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 19:54:47 GMT
expires: Sun, 08 May 2022 19:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
661 B 543ms
62ms Image
text/plain 8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=2c3413ceb1e0bae8&gdpr=0
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1
https://s.cpx.to/ca.png?dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&google_gid=CAESENGnADG0uBnjFmRuKuMUwT8&google_cver=1

95 B
804 B

148ms
148ms

Image
image/png

52.30.190.237

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&google_gid=CAESENGnADG0uBnjFmRuKuMUwT8&google_cver=1

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.30.190.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:54:47 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&google_gid=CAESENGnADG0uBnjFmRuKuMUwT8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0&cklb=1

0
75 B

38ms
37ms

Image
text/plain

199.187.193.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0&cklb=1
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Server: 199.187.193.192 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:46 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 08 May 2022 19:54:46 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3Dhttp%253A%252F%252Fairblog.org.admin-mcas.ms%252F%26url%3Dhttps%253A%252F%252Fwww.air...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253Dhttp%25253A%25252F%25252Fairblog.org.admin-mcas.ms%...
https://s.cpx.to/an_fire?app_nexus_uid=4998728711383449237&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=f8bb7ff0-b75b-437e-a5aa-aff2...

95 B
865 B

362ms
147ms

Image
image/png

52.30.190.237

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=4998728711383449237&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.30.190.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:54:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:54:47 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 08 May 2022 19:54:47 GMT
X-Proxy-Origin: 38.132.118.74; 38.132.118.74; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 94e90207-3a5b-4e1c-8809-8bf9064e6edc
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=4998728711383449237&pid=12771&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&url=https%3A%2F%2Fwww.airblog.org%2F%3F&hn_ver=40&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df8bb7ff0-b75b-437e-a5aa-aff258e51fd1
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9BEA1156-0746-4B19-812C-93BB23B66004&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

95 B
881 B

401ms
150ms

Image
image/png

52.30.190.237

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9BEA1156-0746-4B19-812C-93BB23B66004&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.30.190.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:54:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:54:47 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9BEA1156-0746-4B19-812C-93BB23B66004&fid=f8bb7ff0-b75b-437e-a5aa-aff258e51fd1
date: Sun, 08 May 2022 19:54:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=dc532926-9f65-4574-8403-871eab9654ca&dsp=TTD

95 B
876 B

304ms
162ms

Image
image/png

52.30.190.237

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=dc532926-9f65-4574-8403-871eab9654ca&dsp=TTD

Requested by

Host: www.airblog.org
URL: https://www.airblog.org/?

Protocol

HTTP/1.1

Server

52.30.190.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 08 May 2022 19:54:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 08 May 2022 19:54:47 UTC

Redirect headers

pragma: no-cache
date: Sun, 08 May 2022 19:54:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=dc532926-9f65-4574-8403-871eab9654ca&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 400
Bad Request sync
pool.grid-data.bidswitch.net/ 43 B
244 B 487ms
70ms Image
image/gif 35.211.144.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.airblog.org
URL: https://www.airblog.org/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.144.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.airblog.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:54:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK notifyme.php
adtrack.adleadevent.com/ 0
526 B 701ms
154ms XHR
application/x-javascript 46.137.175.60

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.175.60 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 May 2022 19:54:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 May 2022 19:54:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.airblog.org
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 588ms
56ms Preflight
application/json 74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 May 2022 19:54:46 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1157
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 16629023137544312309
tpc.googlesyndication.com/simgad/ Frame 508C 24 KB
25 KB 339ms
175ms Image
image/png 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16629023137544312309?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkf-YAzw0JAhsgMOG8EJqUE-AZY_Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685546&bpp=10&bdt=1102&idt=587&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&correlator=3364916976548&frm=20&pv=2&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RnBEu5mAFU&p=https%3A//www.airblog.org&dtd=636

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 04:58:48 GMT
x-content-type-options: nosniff
age: 485759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25085
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 20:40:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 May 2023 04:58:48 GMT

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 508C 19 KB
8 KB 310ms
152ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 508C 3 KB
1 KB 394ms
253ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:42:26 GMT

GET
H2 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 508C 15 KB
6 KB 385ms
244ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 508C 120 KB
37 KB 207ms
205ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 508C 30 KB
12 KB 395ms
256ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 08:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:26:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4485 6 KB
670 B 233ms
86ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685556&bpp=7&bdt=1112&idt=678&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KLMbobVGYv&p=https%3A//www.airblog.org&dtd=721

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 19:01:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 19:54:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H2 200 load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4485 2 KB
985 B 401ms
245ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:48:59 GMT

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 4485 19 KB
8 KB 224ms
68ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4485 3 KB
1 KB 386ms
255ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:42:26 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4485 120 KB
37 KB 97ms
95ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H2 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 4485 15 KB
6 KB 233ms
78ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame 4485 30 KB
12 KB 212ms
69ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Thu, 05 May 2022 20:56:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 00:38:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F0F5 6 KB
670 B 222ms
84ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 18:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 19:54:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H2 200 load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame F0F5 2 KB
939 B 402ms
254ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:48:59 GMT

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame F0F5 19 KB
8 KB 233ms
85ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:36:20 GMT

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame F0F5 3 KB
1 KB 362ms
245ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:42:26 GMT

GET
H2 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame F0F5 15 KB
6 KB 282ms
135ms Script
text/javascript 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 19:33:05 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0F5 120 KB
37 KB 162ms
161ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame F0F5 30 KB
12 KB 205ms
76ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Thu, 05 May 2022 20:56:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 00:38:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 508C 0
0 98ms
97ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C34MnBiB4Yrj6F6yZoPMPrK6FyAns88vnad2N2_WYD4HP27uBHxABIPSHlShgyYaAgNyjxBCgAdfJzuEDyAECqAMByAPJBKoEyQFP0NRBo-Qi5YrvaZazMnC_2BzUY0G0vZsVAez2whiBUzy_81srnDHWm9YPPacpcUcj9RNPx6r82pvuVuRFKfTD4LfUy2VaXYrAkvjb1VLt4xnp2I02vhFMvbN7T9jDrBObgKXyM2BJPdLQVz-R1mXLVUUravSu0bMjThftv7hyOunehUWmaQ8Ws6SMrS_gwWOC5VZq3wXHH_F5AFBOYyaiPbAff16ruRNCdI_XL-SoH_SG_TlPZDIa7paCaN72hr-a_ZUXTM_6KgXABLf9za_zA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeRtrEeqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi7od0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODc3MjgyMTUyODA4ODgwGAA&sigh=sS6mov8Z9qI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685546&bpp=10&bdt=1102&idt=587&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&correlator=3364916976548&frm=20&pv=2&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RnBEu5mAFU&p=https%3A//www.airblog.org&dtd=636
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 May 2022 19:54:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4485 0
0 114ms
113ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMT9GBiB4YvTwF6qANemAnoAFxc7HrWnp1a6c5Q-7uPSajA4QASD0h5UoYMmGgIDco8QQoAGsoPyQAcgBCagDAcgDywSqBM4BT9CvAaVBHB97EnConKX1eEk94P3EWbih7Pfb04N3i92e3LxjaOD7TkifqaofsYFfwpJ-5YNG5zA3xp5blF_PCulFMryBs-UWVQpx2242ndtblOMkgJ8gxVxhw7uMFUBPzvM9kKMQnnF5gN_0OJg1CTMqoAFx4z2NKE4H3BWGoI2trJr5qqA0TXaTtjUY5gkmHjbVjoDWDmT37FiwTUogMG1xKcbwVRvDsJID70q23lqAru9HVfYAC3pPgTJskGVh80jLD1xwNI76jJ54OnPABNmmueTsA5IFBAgEGAGSBQQIBRgEoAYugAe834PvAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENKlJdIIBwiAYRABGB-ACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMzg3NzI4MjE1MjgwODg4MBgA&sigh=5aulbu97iZA&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=4094043489&adf=3069128770&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685556&bpp=7&bdt=1112&idt=678&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KLMbobVGYv&p=https%3A//www.airblog.org&dtd=721
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0F5 0
0 104ms
104ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCL9KBiB4YqXDJbaexAP21rWICNap_9VhuqqszJcL2tkeEAEg9IeVKGDJhoCA3KPEEKABz8_N4QPIAQmoAwHIA8sEqgTKAU_Q8guD8VUBMVAiQzh5DIc4hk27i9Ul5lVenUY5U2W4nKAKa3y5xGjeL98k5jIviEkSjV_qhRPypC1QuTvYZ76JcO93r-4eYivQHUTDiC-7LNZFouf1YhVJ_EazYGYOjj_VMB1c7F9SyiPa5UAHE_FbUnJvy1m0FfUi2mWN-TaBJ3CEw4CPlvY-IVfHCGji29D61MvUOLZhluyU7c7SW_V90in2bCDBCSrgMLKxK-WLhTKZjbo7nkM29K482ZfyJF3F1EWDRwczc-bABPbulp3KApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeZsLIeqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoe4i0ggHCIBhEAEYH4AKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODc3MjgyMTUyODA4ODgwGAA&sigh=1V52uRw4i4A&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 19:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16237598583271629921/ Frame 4485 23 KB
23 KB 317ms
210ms Image
image/png 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16237598583271629921/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 16:22:38 GMT
x-content-type-options: nosniff
age: 12729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23200
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 11:40:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 16:22:38 GMT

GET
DATA 200
OK truncated
/ Frame 4485 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13418341156898360674/ Frame F0F5 14 KB
14 KB 225ms
154ms Image
image/jpeg 2607:f8b0:4006:81f::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13418341156898360674/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=280&slotname=4927486290&adk=2323824419&adf=4045733959&pi=t.ma~as.4927486290&w=360&fwrn=4&fwrnh=100&lmt=1652010239&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.airblog.org%2F%3F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685563&bpp=1&bdt=1120&idt=931&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C360x280&correlator=3364916976548&frm=20&pv=1&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oVrsGSttlj&p=https%3A//www.airblog.org&dtd=970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:52:14 GMT
x-content-type-options: nosniff
age: 273753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13963
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 21:40:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 May 2023 15:52:14 GMT

GET
DATA 200
OK truncated
/ Frame F0F5 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK headerstats
as-sec.casalemedia.com/ 0
429 B 348ms
87ms XHR
text/plain 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.airblog.org%2F%3F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.airblog.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 08 May 2022 19:54:47 GMT
X-AK-INITIAL-GEO: CC:[US], RC:[FL], CN:[NA], CIP:[38.132.118.74], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.airblog.org
X-CS-CLIENT-GEO: 30
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 30
Expires: Sun, 08 May 2022 19:54:47 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 144C 51 KB
24 KB 70ms
69ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesjMIUAAAAAAfb1EHi4ZFOtV-wePtUlLOZgW5w&co=aHR0cHM6Ly93d3cuYWlyYmxvZy5vcmc6NDQz&hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=ogs2reuyat2s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
H3 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 144C 360 KB
142 KB 108ms
107ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 00:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145286
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 00:40:17 GMT

GET
DATA 200
OK truncated
/ Frame 4485 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F0F5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 8E22 0
0 71ms
69ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3877282152808880&output=html&h=90&slotname=2301322957&adk=273346281&adf=3605505036&pi=t.ma~as.2301322957&w=728&lmt=1652010239&psa=0&format=728x90&url=https%3A%2F%2Fwww.airblog.org%2F%3F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652039685546&bpp=10&bdt=1102&idt=587&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&correlator=3364916976548&frm=20&pv=2&ga_vid=1077712848.1652039686&ga_sid=1652039686&ga_hid=244097262&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31067401%2C31062930&oid=2&pvsid=2136070824060561&pem=751&tmod=1495230477&uas=0&nvt=1&ref=http%3A%2F%2Fairblog.org.admin-mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RnBEu5mAFU&p=https%3A//www.airblog.org&dtd=636
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 19:28:04 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 508C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F0F5 0
0

GET KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F0F5 0
0

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4485 0
0

GET KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4485 0
0

GET NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame AB7E 0
0

GET NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame 733D 0
0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 144C 2 KB
2 KB 71ms
71ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 07 May 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 107705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 14 May 2022 13:59:43 GMT

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 144C 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 144C 0
0

GET webworker.js
www.google.com/recaptcha/api2/ Frame 144C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOuA6rW3hF9Hx_yRJ2IZjXnpNKVJWNex9F9XbiKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=nEGwmCAyCoKVn9PSwAGnQWhY

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.airblog.org/	1970-01-20 03:37:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
			.airblog.org/	1970-01-20 03:34:18	Name: sharedid Value: 27399128-3c32-4e6c-93f6-2adb2cc68dc0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pool.grid-data.bidswitch.net/sync?pid=42 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
airblog.org
airblog.org.admin-mcas.ms
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
csync-global.smartadserver.com
csync-us.smartadserver.com
d2zur9cc2gf1tx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
image2.pubmatic.com
js-sec.indexww.com
kvt.sddan.com
match.adsrvr.org
mcasproxy.azureedge.net
mug.criteo.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pool.grid-data.bidswitch.net
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
sync.mathtag.com
sync.smartadserver.com
tag.leadplace.fr
token.rubiconproject.com
tpc.googlesyndication.com
www.airblog.org
www.google.com
www.googletagservices.com
www.gstatic.com
fonts.gstatic.com
pagead2.googlesyndication.com
sync.mathtag.com
www.google.com
104.36.115.109
13.225.66.191
141.95.98.71
142.250.80.2
142.250.81.226
145.239.192.166
15.197.193.217
151.139.128.11
199.187.193.192
23.52.162.21
23.55.166.87
2600:141b:13::17d7:8290
2600:141b:13::b833:928b
2600:141b:13::b833:92eb
2600:9000:21dd:aa00:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:20::ac43:4bf1
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::200a
2620:100:a001::c
2620:116:800b:21:559e:e8a8:8a19:7f11
34.120.155.137
35.211.144.1
46.137.175.60
51.158.28.82
51.222.239.230
52.224.188.157
52.30.190.237
52.48.146.43
54.38.64.100
68.67.160.132
74.119.119.139
78.46.71.241
8.43.72.97
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0897bd600f16f8867b46fdb9058e820bfa6cc1bdf01a1975219b553c7a7fc2d4
1cca84cc7aec73c47305daaa71a0529ac7771484c0e5cf2199f0e7f66a4bab1c
1dcb7b0b76d8b08d2c572f9df3b28aefb7b29a35f04812dcdcb91a0ef87a0f6b
25a9b61a13f84c11ed5ae966543a5850d29fa31725b68733c140801bcbe637bc
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8
319f22513aa812f96bf8b5dbb6c9e493dd01c197b7818a549b91c8140d88888b
3715d898091d218facfde51025bc504a59b4cc8a6a388061ae0af810fc2678dc
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
386c70b09d2cf5c1409995da702d6b7ee84167eeffe0a9b22e2f41a240116032
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4b59d3f4611209129c1175f5fdb86740b3e59a8f5e4edadb74e599442eb8d168
4d70fba35f65607cf8dc3afdb182f6de297294ab48e8f080becb7e31d30e306a
4db5040b38ec7a9aa5e7f7200e540a5b2e3c6f7ff8f027bb45acb98de8b41205
4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075
514d168fcfac4a69ed0fbe1508eec4a7a66a465456149ed2c294f59035e908b8
53a876a4f4b7d9b7437e5c21bc37146d0980d4d21444365038f3df443154e950
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
551ba1ecbe0bbb90ff6dc576dc32dec584bea60f694faa0b39fe66166e7d3818
5773246ab9ff5dfb7d8eddde1cba8b596badf0c4414f1b37ce24db69d106c77a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5e1959636a4c2e11cd8b36ffbbca8e00131fd2e1cc371a6a4e0d65f6f47a6050
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6aca192cc70f1806393546414494a80c2ac47230d1ab85cf7fc534ca014b8232
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c924400dc0bafd7bc6e33c58502800262426bc2696b6995dff4189261ec17de
6f2d216249fa0403988a11f971042cda8aca1e057434422d93bfa2593ef092ef
6fe859cc9b0b4c24daf635f4203f7e6c92230369ad24686616f64b8a3dffa26f
7113196619fd9ddf95ab6975a259b6eb5ed973adebf5eb1d4185d18233889b20
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cc134912df21850088036f583fbfeefb6baa7a2a5bdbf253b8d024ae6a56e4e
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8af68f83b12515bf2b6eb71eb160a35765cba6c72bafb2566061b34fbcedb459
8c74567dc7b8ad6305d04a844576b6d80b53fae701e2f3072b1dee98ecb26794
8c95fbf9e1dab750326a1d2e0dbdff3d091b0695fcefea56f0ff403496c940a2
8d047bda78f411b89fae57e2cf3a9ae2167985eb4b6534eb26f470397abae8e0
8d47cc1b7cf6a7d253890cd1c86c372ca1cb31d9bcc156193c1fca42e821b987
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8de58826e0ea4c15255efaf99058147349aaa938684ed7d9bcc77788ee5daa94
8dfa47d90b2c2d2e54b25c23ec95c125a116bb550b8c438bcbd3a4439258519f
976ce9d9acb9658e97840767d7ba2988a7e405c6b65d09331859c820791c1c4c
98e8d18ad3a3ccd09313b477fe69971f58850834e52fba04bf733d7e4113cc11
9a00fd4974dcbb8c4d9c62d6d91b2f0a2ba3a18caad457cf87c2e6d7eb182759
9a297de328634be2246c3dbef0c619d1cf8d4858e592baedbd712041898df72b
9a5213cf9e6ba5680022244266ded05532e568d7cf682740b169ee681344025b
a0b12ed38dbb008349e5e39981d20acf4a4062ac5ad38bac3ea35ca3f80da430
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23682dd7421e99919fc31901326d5e9d9d0cd722ae8e55afed0549a93a97e05
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
ad03183b18118b9fb32a9906e2b1f763eeba064175b014d3e17cd02f0b6a06fa
af3ce861484039c35a1811f0b24c2073a3885273954c8bbc16c53815cc2c8f96
b187e1e9324f0295eb618a1639815f27538926a181f86c3a4a1e9e76f7282157
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
b3a66a92ba645a81f3be52f412f621bf7b0cec656dad0ca354840953eb8a2bdb
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5c62131a0575cca97da8d53cecf82538ec888c994bed1134bf929a674dacd87
b7c2f6897797b91368989fdf497f734262181ada58b8003b3e9295e2348c9337
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c239be51a9f5c7ccaaf7a4fdac88716365d297025223d399d263500e33239e5b
c6bde0f57fb547a76c9a6a14ad5e51b942e0e182ed5b22e0dff4cdd6b5099ae0
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c8c9b01c729ee2da404f2d4f1cc65c5397ee4efc4d6d67c7441cc31fb09e303d
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d153888853d763598eab808a0b1de15c8a710a958191cead9288b2e76c8fc3f7
db0037fc89f3ffe6f3742f500760ec2bc6b965f4039ad9b8a524bfd4418c7e2b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df0af21979edaeac51f768c69a72eb3804fc6425346f171b6839c326a8cdaef4
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea4e05b419e4603038c3140f01d23296d4981e4f4a0107a7d9d2bf781acef11c
f0989c5e16cbf933b4473698a865f0023589d2a2021fb516d81bfa3d9bc2988a
f2c0c8b35cdcfee45ed0246d32b1c5f39ff94bc88ae45d2d87559c91a4b05f5d
f641acb5aef9ad3c1795e08ab4b07b11abab1bf27a46fc0ee0a09bdc5400f55e
f7a2f6732915bf51f4c1c55e0db025e3d106a69d40aa6fb9c28219418f81c922
fc5166447e6081f9e7260b18e7b982af56cfb0c252e2f25575d3d49181a8f3d1
fddbd81c9f8ae7dbaaf16aec67e5db4e4707aa06ca062737eedc13c5e115f112

www.airblog.org Open in urlscan Pro 78.46.71.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

88 %HTTPS

41 %IPv6

35 Domains

46 Subdomains

38 IPs

5 Countries

3094 kBTransfer

5526 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.airblog.org Open in urlscan Pro
78.46.71.241 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

88 %
HTTPS

41 %
IPv6

35
Domains

46
Subdomains

38
IPs

5
Countries

3094 kB
Transfer

5526 kB
Size

2
Cookies

153 HTTP transactions
5 data transactions