blog.buvnz.com Open in urlscan Pro
2607:f8b0:4006:80e::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.buvnz.com/
Submission: On March 21 via api (March 21st 2024, 1:14:20 pm UTC) from US — Scanned from US

Summary HTTP 82 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 82 HTTP transactions. The main IP is 2607:f8b0:4006:80e::2013, located in United States and belongs to GOOGLE, US. The main domain is blog.buvnz.com.
TLS certificate: Issued by GTS CA 1D4 on March 20th 2024. Valid for: 3 months.

This is the only time blog.buvnz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2607:f8b0:400... 2607:f8b0:4006:80e::2013	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::2009	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.237.172.250 34.237.172.250	14618 (AMAZON-AES) (AMAZON-AES)
3 4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2600:9000:247... 2600:9000:247b:d200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f13:800... 2600:1f13:800:7780:318f:99ca:1075:d158	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	() ()
82	18

4 2607:f8b0:4006:80e::2013 (United States)

ASN15169 (GOOGLE, US)

blog.buvnz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2009 (United States)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80a::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.172.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-172-250.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.164 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:247b:d200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7780:318f:99ca:1075:d158 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	615 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1070 static.adsafeprotected.com — Cisco Umbrella Rank: 895 dt.adsafeprotected.com — Cisco Umbrella Rank: 825	120 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com	71 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 353	84 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	55 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179	2 KB
4	buvnz.com blog.buvnz.com	28 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 371	3 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 9902	54 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 22434	47 KB
1	googleusercontent.com themes.googleusercontent.com — Cisco Umbrella Rank: 20616	224 KB
82	12

	Domain	Requested by
20	pagead2.googlesyndication.com	blog.buvnz.com pagead2.googlesyndication.com tpc.googlesyndication.com
13	tpc.googlesyndication.com	blog.buvnz.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	dt.adsafeprotected.com	googleads.g.doubleclick.net blog.buvnz.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com blog.buvnz.com
5	www.gstatic.com	blog.buvnz.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	blog.buvnz.com	blog.buvnz.com resources.blogblog.com
3	static.adsafeprotected.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects blog.buvnz.com
2	www.blogger.com	blog.buvnz.com
2	fonts.gstatic.com	blog.buvnz.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	blog.buvnz.com
1	resources.blogblog.com	blog.buvnz.com
1	themes.googleusercontent.com	blog.buvnz.com
82	18

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.offset.com

Subject Issuer	Validity	Valid
blog.buvnz.com GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://blog.buvnz.com/
Frame ID: A11332F5EA716D15FF49C304386A2555
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249127864432122&output=html&adk=1812271804&adf=3025194257&lmt=1710921677&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.buvnz.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711026855003&bpp=4&bdt=459&idt=460&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4540147171676&frm=20&pv=2&ga_vid=56617925.1711026856&ga_sid=1711026856&ga_hid=793990092&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95322180%2C95322399%2C95326915&oid=2&pvsid=2415524587665615&tmod=59051371&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=515
Frame ID: B1D3B7F38BB00A3EC141519BFE3D8816
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: A77ABCD5AA00CBFEFBA680C088659737
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: E36696C3C10D0011C430C4CF63E18979
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F55CC3A75D4CE858DB911C08F9254F13
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqSCxDM98KJBBiDsPjYATAB&v=APEucNWlw5DJrmzs3N0WubZ_30E8RHdR9MKsVYX7yW9a_4e1-yR8R2X_RuGvp8VG00cTECGBeG3NT5jnNhwHAJ0a0Wtcfr_Gig
Frame ID: 7E416BF51C11C8326B5AD23D9027C4A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9CE8126E0EB1EBC9266CD885AFFF0212
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 71AB2361E4D0B82F7AB73D8375C37FD8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 237723CEC27D8C247B8F24E3B09F6C22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4FDB57FA8339295A7ED544026FBABC36
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32C60B5F3E99FDE30C92975153F41AD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14FD6144C034ADF2ADA36CC18C633191
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buvnz's Blog

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

82
Requests

94 %
HTTPS

76 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

1299 kB
Transfer

3385 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/
Title: Powered by Blogger

Search URL Search Domain Scan URL

URL: http://www.offset.com/photos/394244
Title: Michael Elkan

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/12881610270268219488

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Report Abuse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1

Request Chain 40

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfwyqdHM7.AAAEpoARChwwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1&google_hm=2

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECW-YbKveLX4_XSoLJzve0g&google_cver=1

Request Chain 42

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDkyMTgxODQxNDUzNTUxNQ%3D%3D

Request Chain 48

https://fw.adsafeprotected.com/rfw/bgd/1279704/68125661/xbbe/creative/adj?p=APEucNXJEG8OhVQzT0KToui7fXSbMNahCDmmBrKocJXTAgBbKQWY_F0&d=CqkBAKAmf-Bl14GzED7hJWGlErXhD7H9k15tXwyaAqIxaEJWwH2wrWokqH8i1GN7RxZLhEr_1fHZpPCUQaaq05QJTRPBDo8WUaeAKRMFMGu39bT8FYkmPMIizcoSIuqp8_eQvrFAviqwb83erBPFSHdRsrU8q-ZveLs-MHcby9MnbnvkGmekbkiyygIMglX_lQvNeAxBcQplgVTli0B9CtdPzoq0AbDzVXe6DBK5FQCgJn_ghEzYNu6vx5_HhTu3s3f9c5m3ey6Yuxp8J4fJnHeBfwG5EWcDpQiXK6Z5bqqYCQIZIDG1MAh__oSlKgdPo-PHyqiBO-cVq5AZAh-FUU8F6U60sUkmbaioF8DwbolHWKN2sk_NDQYLyN1u02qbygy5sl3e6bahHYB5Oyu8oaEls6yC5KFQzL_BrmQEkSJiNT-RCM5E73Sr5uxlbMzuoiLkA5dXBKeo58oGPhGuquWLNtYaQfGcXQtnWCGoKICucU5Z4JMJzfEpFXIr9IgV3640Ppi71hxmh4TCrvtnSG7ktCG6oEumhUK4_-N_yxzUgOlFZbVMRrzZkc-drOojzcI5DqJtQL2ZyKP73RoHpTpwKY-WE_EBbO453NTGgxHYXinLt1S95cqwNALCEdM1DPqZYdXJysE7z30PaQNdKlSsmSk05Emf8QKshZUMatQZS8zENM1EJD8FcX7GEm9RjGBSTgpxAeu4AQBBzGWXaK1WbsTFpFw3Es2USTWUNBbZwgLl2-KlRRhGlMeAGPFsuCb348LoO-lfMb_wUaNA-AXhWUF4pF68olQaUritpVQhJ-UVmorZKOCpWed0HUyBsEyiesi8I5mrNMOQVS4RBPPOnNurVav2pPWCKlMLVFSuoRRPvwWj30eMvL8EA0teRJPUvE-sW4h6rGzvhs5MjAMzDN9XPLVtTmuqxuDED_LPNS_Hs8gpxyIOML7ssfUL7FzeBNo4vwQxFA1wyCNZ8tiD47qwRdAyNZOItQts2U_J4bN_2UHnUurbakjlSctRrLbA2mcQ63gTGDPqKnnzy2a3lkQo-4F0Zc9vHHawUE9_XfUfCL7VNCfDq4Hf88WF8b84afJbSOgCyGyBtsEbPwtffeLC4elMhotDffDsonjzZDx1RShcjY97u9VpFY0UEeHa54y1M6-2ShOgVPmI2XPKzzukj7Cg3QMPhv6MKI_zZ-w_trajpgtgZneyzCrGqLCs7hLEvnMxckfZRa8b6YN3t3N-S-v-ELroXYowoVJidEXXCSX5uM42O9n72T_t-zXBbRGRG_y8hDUcPsE5iR2-MOoFW9TDYlS8ad0KpRPIO5ckjdLRqo3oTpxf63QDkpt0nHgMtEzodzqPLbHVMzF1T12WFSRmdzmKMfZ_SzrO_h1VBrN0ictRuT_JEd3h1zfplV2v1AMH5wL69xDMihrYozhJ2PZn94eCrBOeJO6EDPzYAV0T2Jpa60h-aSC_KPq-Xwlt20G8gRDAloysr9_c3m5N94SVg4ykZZ5pPtWy6bPYrkHZru6bd7vDHrkpU9b-ovGil12JC46PjP8XTI6x1WYtDdJr3JU0xsvulV_FKSJLtlJ858WEQ1IXRvdi5S7WAW9ZnDUmuFeoATUTt9kpx2XVvMVyfSIR_0Czw83Rx4u6yckScEjQt1t1EcZ478L0c24qS86uVHTIq8CuG4GdtpMGMQqZVfz9giuGTbMQRe3iuGhO2RevJQDZUPo4J3ocuATbgwqAohbvrOy1IR3jbbtyntqCIRuYdIqkPqEMrUv4vY0fCqGYBMI-r6VjPUIseg_EnCTTJGZCOIQlOwlML6IgAsTPZ44KIZhT10pA1z7Mqq3XB8CRrKRiJINVtgNVg9ijlXHyZDn2D6RR-HJHVWRLtIIOrxbx0O1r2ntoGtUoFBpKVl1jcoGqtHXs9LGJk32rS0oUSeYxoeBarOdxzlIlP4UNwPTXiffh76bNN3KRvJqXn_DOjDqwb4868qRLycN4TtB1yMh3GjSF-JeK-rBIIgjFlFSqdsJ6x-YTo1JT15DV6N5MBTlZ6uAj3Cu2cm2c5_86lwiFTyLUlmPvve9vjmaXus_aaBlEAqdMvm5GeZt-vemM6dH875ZcPh3asy8fTeNTL2URheHZxN1WQvGfii7iz4oYB9gAggOt32dFCjx62ektGKBtUd4Dd2VIV4qx5dVkczseSQca0a-OVpA9RnbJXZJ66P1A6Mvd0Q0Xa-fxLiPrnWWpKbmB0DVxjCDH1WLlIAtDmSye0ChRMG2x-9rHkRUc4wH3ww9Ns96IMPM4pI0aLShRBkREpjrYh2yY7Q7XFQoJwYtxFxf2jzacEIde4XEKCuMsN7FFEOxwwx5IURHSW9rSHuxTAJHjF6AdN1sWK8Yn4FYAc30cGaakbMnHhWnZkxVZ1zs8Sbyx_8IW13rpJqkhGh5Jh7C6c_NZhffrx0mXXtYCtjrhdfFHpu4-d5am_5YC-O58uPVphBBz-uNYFPGoXGx0BuVmjUWzZ8KjIbAyqU1pVz72e_SXqBYGld4U08Gc2Xi_wab_h8xt5kdMqEOMH_4W569GWvC--GTXNQU4udPmG_TQilzUCRo3G1sXasycc3okMJWnUecYoZ3dkIjNG9K5aK15UnpJW2sPgO2c6J_1IbFAbYlvhpoCOJm2MKwLfw08Sf5NZv9PKJyasI6q0f7vJ6HUHpDVYZNFsxBlSkmK0YVeC6thQDSEwc4H2Wfy_eLnpDXzkG1xdFlTP7eT-xqJbUZm8XfvE7XskOw23jWHFfqc4uz5G0g8dpuykZifxtTEAs6fIARzkVIsekDYspabJmS2_oXEKqo1SI8BdcNoaAzmQhSdxz_xS1FuY13oEsyW3aA8VPEoNK9GgmpQEItxCeR53VxrV2agpzVkxKe3eNgSp37C_ffRhwuFxuJZA-RlH-Xj26WhW-nEv5tpLxvnuzKMASVajow7IcXnfEfN5KwUY0o49JfDHp8vWyyqurLSsSokBqe7JenPuY0d3EEVbAJ2icCK5QGRRDOMDgBsC8062ggkvayRtYCzd7OlDHGA78Cjoc7RS1YxKPCFggXJxFl2JOMZC3Jougf7yVs7j2yFZCKaz0Zz1h9wi8m-DBt82LmQSn4uhN4zn46f3-EmA8xe3PrpnXD59g2_y3geZkc326CBSZ-kFX-8bH-24xAAafTlAnTqs45Yq7HJW1DrKqQIj-_pXvKYLssqIfPNmFbxRpHh1T2KwviMqj3ViX1dSTBeqdHGd_r-9Ql_ccnKZ8gASlLhiwXKasBp4JN3aHTP08tZukixP4WCdONEeOeKw7Q0MsYu62lrIgrb8rG9yo44YOaN9unib5uwqrYIIsRGTS-AMbzdnAaNXg4jFUikL1Hn_1QBW6pHl1OP6Qq5Jmu6gtcgbdEtuo0zU_atfo-1Hvp-lCcAyjOO84PD1eu99LpNty0x-my63oxtjkdjtHoaC1kodDvnEzbcpzwKxtUYhLGu9sdW7b9c7yY6lPjgAGRVizZr0CHQIzfCOTri4H8gOdYhcLhAh5W4vKhgS0KEkPgLLSeFIR16Ak7q2SQbr8vouoMfTGuvvITFX5mqis7H3ZVNdVGzNMnsvjEXj_W93FU0myT9aM_EkdSizYOx_shDTdF_rYYuXuOxkko_2mksSbVGslRE2bcRl5Ukat_cevqBy2m0dEPOLL5m0uqdqr7V9qhHGGTluAjB3-DF1ah02yW2Fc-v8RZomUr5aesuIPcFENFTJfeiQloK3TQ1Xk0btb0svv2tPCtQo_SkWlXrYLzdlM4PgqRp5VoNmbRvhjYDZCSrLzKmMYKYOaPbDKdbVNgFU9tSZpGNswnL9TrLz3JCWGT6Qr1PZ9Zd7ylkOuMpMvr4CRIlo-vck5_k3sloBvBW9BpVCAQSTwB7FLtqAypLt-fKs_4_U5G2j4O9igQUQxwCH3a5CbUWZ-HCO5XdVXg2SK3EGOCZdwHZhPg7iRwzelz3ixb7iFA2L_EvpO697viZUAISnGAYAWAB&bidurl=https://blog.buvnz.com/&bundleId=&adsafe_url=https%3A%2F%2Fblog.buvnz.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fblog.buvnz.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240319%2Fr20110914%2Fzrt_lookup_fy2021.html&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240319%2Fr20110914%2Fzrt_lookup_fy2021.html%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7249127864432122%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:704fa577-2392-0323-ed10-64911e8d4cfc,c:7yyXG8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c45d7cb47-2vq9x,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:50,oid:ebf5ae31-e784-11ee-80e0-d6fd22aad44e,v:19.8.491,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.buvnz.com/ 130 KB
21 KB 294ms
106ms Document
text/html 2607:f8b0:4006:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29f9f3a298894f1cea1d622ae01f0c1bfe556496d54fca722b0e2a9b49523272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 21299
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 13:14:14 GMT
etag: W/"229f11ea9362a5a2a1cf72d75c9788b79c47f5a44411ff2c667b023c58a7edeb"
expires: Thu, 21 Mar 2024 13:14:14 GMT
last-modified: Wed, 20 Mar 2024 08:01:17 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 218ms
77ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Mar 2024 13:14:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 285ms
138ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7249127864432122&host=ca-host-pub-1556223355139109

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a235286e7773f4e7dd79b309571810295b892a8ceca33002fe08c033c474a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Origin: https://blog.buvnz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51106
x-xss-protection: 0
server: cafe
etag: 1845176297102482009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 13:14:14 GMT

GET
H2 200 sprite_v1_6.css.svg
blog.buvnz.com/responsive/ 7 KB
3 KB 80ms
79ms Other
image/svg+xml 2607:f8b0:4006:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.buvnz.com/responsive/sprite_v1_6.css.svg

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 08:51:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2244
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 28 Mar 2024 13:14:14 GMT

GET
H2 200 image
themes.googleusercontent.com/ 223 KB
224 KB 319ms
157ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228521
x-xss-protection: 0
expires: Fri, 22 Mar 2024 13:14:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 208ms
65ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Origin: https://blog.buvnz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 101386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 224ms
82ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Origin: https://blog.buvnz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:58 GMT
x-content-type-options: nosniff
age: 105976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:58 GMT

GET
H2 200 sprite_v1_6.css.svg
blog.buvnz.com/responsive/ 7 KB
2 KB 79ms
78ms Other
image/svg+xml 2607:f8b0:4006:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.buvnz.com/responsive/sprite_v1_6.css.svg

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 08:51:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2244
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 28 Mar 2024 13:14:14 GMT

GET
H2 200 2873066323-indie_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 136 KB
47 KB 247ms
62ms Script
text/javascript 2607:f8b0:4006:823::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/2873066323-indie_compiled.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f48f3d315041b5b2eb5710ef599d3c592eeecf8e73158392894e895cfee5e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47559
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 12:56:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 27 Mar 2024 08:01:17 GMT

GET
H2 200 1794065108-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
51 KB 251ms
65ms Script
text/javascript 2607:f8b0:4006:823::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1794065108-widgets.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8038bea4138c6f4160aca7eb48fba293f6aea54f00094485063ec6b458dfd6f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51775
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 23:17:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 20 Mar 2025 08:05:46 GMT

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
3 KB 81ms
78ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Mar 2024 13:14:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 193ms
191ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7249127864432122&host=ca-host-pub-1556223355139109

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a90b0ad04786b4954b095580d14b3d979de71fcb920c99be233f7c0fde30301d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Origin: https://blog.buvnz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51161
x-xss-protection: 0
server: cafe
etag: 8538154594224517057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 13:14:14 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 286ms
153ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7249127864432122&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d171c5800ce8a7f739d645ed6fa1563b34f03a7330e62e2e0cf7eac5ddbb65c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141440
x-xss-protection: 0
server: cafe
etag: 2850372246285339807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 13:14:15 GMT

GET
H2 200 sprite_v1_6.css.svg
blog.buvnz.com/responsive/ 7 KB
2 KB 73ms
71ms Other
image/svg+xml 2607:f8b0:4006:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.buvnz.com/responsive/sprite_v1_6.css.svg

Requested by

Host: resources.blogblog.com
URL: https://resources.blogblog.com/blogblog/data/res/2873066323-indie_compiled.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 08:51:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2244
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 28 Mar 2024 13:14:15 GMT

GET
H2 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 65ms
64ms Image
image/png 2607:f8b0:4006:823::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:46:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Mar 2024 01:59:05 GMT
server: sffe
age: 106039
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 27 Mar 2024 07:46:56 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1D3 226 KB
62 KB 858ms
672ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249127864432122&output=html&adk=1812271804&adf=3025194257&lmt=1710921677&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.buvnz.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711026855003&bpp=4&bdt=459&idt=460&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4540147171676&frm=20&pv=2&ga_vid=56617925.1711026856&ga_sid=1711026856&ga_hid=793990092&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95322180%2C95322399%2C95326915&oid=2&pvsid=2415524587665615&tmod=59051371&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39aef38eb11c7bb14e0b146d3186fcfd600a95f7d0a32e3c5932f282e7bdd87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62825
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 13:14:16 GMT
expires: Thu, 21 Mar 2024 13:14:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 163ms
146ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d347439aa62e6b6baf4fd72eacf77d55290658f774d54b5e05672fd36312b434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57716
x-xss-protection: 0
server: cafe
etag: 12454665056814667687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 13:14:16 GMT

GET
H2 200 ca-pub-7249127864432122 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 308ms
115ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7249127864432122?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11421a9b65409d4e17318cceaf6b60ceb8812356a611e62c9592c19a81ddd293

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cYwrfvFHmIJCXoJkTi5CMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-cYwrfvFHmIJCXoJkTi5CMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw7Hi6Yf1bAIdn55_YwIALxk3Jg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame A77A 9 KB
4 KB 67ms
63ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 50464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:13:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame E366 9 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 50464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:13:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWS7tpsNakTSkk0cJDSuYi5Vc4JVdenCYjP74iUMHwFwaaTlZMBjYLpASrBcSQxmqY5P7hRh6Zxhk4g4y41pxp_iKjZ8H49qbZuXEiABC6YJNv0iPEruxpL7w-IhSAF8wVR0rLwYA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 104ms
103ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWS7tpsNakTSkk0cJDSuYi5Vc4JVdenCYjP74iUMHwFwaaTlZMBjYLpASrBcSQxmqY5P7hRh6Zxhk4g4y41pxp_iKjZ8H49qbZuXEiABC6YJNv0iPEruxpL7w-IhSAF8wVR0rLwYA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDI2ODU3LDE1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibG9nLmJ1dm56LmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/am=wA/d=1/rs=AJlcJMxBmE6Wco2YVd9vGWk608DN5GI2uQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5de684247193e371ad83d44ab4b2dd7a3840e01a1bbbf63da0811d6db94bf3cd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SCrMVlZyMp4RBsmL_ID6GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SCrMVlZyMp4RBsmL_ID6GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNsfLph_VsAj-mrM4AAK4RMWE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F55C 14 KB
2 KB 232ms
88ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 13:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 12:38:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 13:14:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F55C 2 KB
903 B 315ms
171ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 04:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame F55C 23 KB
9 KB 270ms
130ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:44:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F55C 3 KB
1 KB 231ms
91ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F55C 20 KB
9 KB 214ms
74ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ Frame F55C 208 KB
63 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ufs_web_display.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4677b36060f5d3a00059f9e69141d80faa7ec081b77917def1fd60eed6fd9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Mar 2025 07:51:43 GMT

GET
H3 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame F55C 36 KB
15 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 08:01:22 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame A77A 15 KB
6 KB 290ms
159ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:54:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A77A 205 B
229 B 66ms
65ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 105411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A77A 604 B
628 B 67ms
66ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:21 GMT
x-content-type-options: nosniff
age: 105416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame A77A 22 KB
9 KB 277ms
149ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:58:18 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7E41 624 B
246 B 137ms
135ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COqSCxDM98KJBBiDsPjYATAB&v=APEucNWlw5DJrmzs3N0WubZ_30E8RHdR9MKsVYX7yW9a_4e1-yR8R2X_RuGvp8VG00cTECGBeG3NT5jnNhwHAJ0a0Wtcfr_Gig

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 13:14:17 GMT
expires: Thu, 21 Mar 2024 13:14:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9CE8 94 KB
33 KB 146ms
145ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 13:14:17 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1279704/68125661/xbbe/creative/ Frame 9CE8 280 KB
83 KB 227ms
64ms Script
application/javascript 34.237.172.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1279704/68125661/xbbe/creative/adj?p=APEucNXJEG8OhVQzT0KToui7fXSbMNahCDmmBrKocJXTAgBbKQWY_F0&d=CqkBAKAmf-Bl14GzED7hJWGlErXhD7H9k15tXwyaAqIxaEJWwH2wrWokqH8i1GN7RxZLhEr_1fHZpPCUQaaq05QJTRPBDo8WUaeAKRMFMGu39bT8FYkmPMIizcoSIuqp8_eQvrFAviqwb83erBPFSHdRsrU8q-ZveLs-MHcby9MnbnvkGmekbkiyygIMglX_lQvNeAxBcQplgVTli0B9CtdPzoq0AbDzVXe6DBK5FQCgJn_ghEzYNu6vx5_HhTu3s3f9c5m3ey6Yuxp8J4fJnHeBfwG5EWcDpQiXK6Z5bqqYCQIZIDG1MAh__oSlKgdPo-PHyqiBO-cVq5AZAh-FUU8F6U60sUkmbaioF8DwbolHWKN2sk_NDQYLyN1u02qbygy5sl3e6bahHYB5Oyu8oaEls6yC5KFQzL_BrmQEkSJiNT-RCM5E73Sr5uxlbMzuoiLkA5dXBKeo58oGPhGuquWLNtYaQfGcXQtnWCGoKICucU5Z4JMJzfEpFXIr9IgV3640Ppi71hxmh4TCrvtnSG7ktCG6oEumhUK4_-N_yxzUgOlFZbVMRrzZkc-drOojzcI5DqJtQL2ZyKP73RoHpTpwKY-WE_EBbO453NTGgxHYXinLt1S95cqwNALCEdM1DPqZYdXJysE7z30PaQNdKlSsmSk05Emf8QKshZUMatQZS8zENM1EJD8FcX7GEm9RjGBSTgpxAeu4AQBBzGWXaK1WbsTFpFw3Es2USTWUNBbZwgLl2-KlRRhGlMeAGPFsuCb348LoO-lfMb_wUaNA-AXhWUF4pF68olQaUritpVQhJ-UVmorZKOCpWed0HUyBsEyiesi8I5mrNMOQVS4RBPPOnNurVav2pPWCKlMLVFSuoRRPvwWj30eMvL8EA0teRJPUvE-sW4h6rGzvhs5MjAMzDN9XPLVtTmuqxuDED_LPNS_Hs8gpxyIOML7ssfUL7FzeBNo4vwQxFA1wyCNZ8tiD47qwRdAyNZOItQts2U_J4bN_2UHnUurbakjlSctRrLbA2mcQ63gTGDPqKnnzy2a3lkQo-4F0Zc9vHHawUE9_XfUfCL7VNCfDq4Hf88WF8b84afJbSOgCyGyBtsEbPwtffeLC4elMhotDffDsonjzZDx1RShcjY97u9VpFY0UEeHa54y1M6-2ShOgVPmI2XPKzzukj7Cg3QMPhv6MKI_zZ-w_trajpgtgZneyzCrGqLCs7hLEvnMxckfZRa8b6YN3t3N-S-v-ELroXYowoVJidEXXCSX5uM42O9n72T_t-zXBbRGRG_y8hDUcPsE5iR2-MOoFW9TDYlS8ad0KpRPIO5ckjdLRqo3oTpxf63QDkpt0nHgMtEzodzqPLbHVMzF1T12WFSRmdzmKMfZ_SzrO_h1VBrN0ictRuT_JEd3h1zfplV2v1AMH5wL69xDMihrYozhJ2PZn94eCrBOeJO6EDPzYAV0T2Jpa60h-aSC_KPq-Xwlt20G8gRDAloysr9_c3m5N94SVg4ykZZ5pPtWy6bPYrkHZru6bd7vDHrkpU9b-ovGil12JC46PjP8XTI6x1WYtDdJr3JU0xsvulV_FKSJLtlJ858WEQ1IXRvdi5S7WAW9ZnDUmuFeoATUTt9kpx2XVvMVyfSIR_0Czw83Rx4u6yckScEjQt1t1EcZ478L0c24qS86uVHTIq8CuG4GdtpMGMQqZVfz9giuGTbMQRe3iuGhO2RevJQDZUPo4J3ocuATbgwqAohbvrOy1IR3jbbtyntqCIRuYdIqkPqEMrUv4vY0fCqGYBMI-r6VjPUIseg_EnCTTJGZCOIQlOwlML6IgAsTPZ44KIZhT10pA1z7Mqq3XB8CRrKRiJINVtgNVg9ijlXHyZDn2D6RR-HJHVWRLtIIOrxbx0O1r2ntoGtUoFBpKVl1jcoGqtHXs9LGJk32rS0oUSeYxoeBarOdxzlIlP4UNwPTXiffh76bNN3KRvJqXn_DOjDqwb4868qRLycN4TtB1yMh3GjSF-JeK-rBIIgjFlFSqdsJ6x-YTo1JT15DV6N5MBTlZ6uAj3Cu2cm2c5_86lwiFTyLUlmPvve9vjmaXus_aaBlEAqdMvm5GeZt-vemM6dH875ZcPh3asy8fTeNTL2URheHZxN1WQvGfii7iz4oYB9gAggOt32dFCjx62ektGKBtUd4Dd2VIV4qx5dVkczseSQca0a-OVpA9RnbJXZJ66P1A6Mvd0Q0Xa-fxLiPrnWWpKbmB0DVxjCDH1WLlIAtDmSye0ChRMG2x-9rHkRUc4wH3ww9Ns96IMPM4pI0aLShRBkREpjrYh2yY7Q7XFQoJwYtxFxf2jzacEIde4XEKCuMsN7FFEOxwwx5IURHSW9rSHuxTAJHjF6AdN1sWK8Yn4FYAc30cGaakbMnHhWnZkxVZ1zs8Sbyx_8IW13rpJqkhGh5Jh7C6c_NZhffrx0mXXtYCtjrhdfFHpu4-d5am_5YC-O58uPVphBBz-uNYFPGoXGx0BuVmjUWzZ8KjIbAyqU1pVz72e_SXqBYGld4U08Gc2Xi_wab_h8xt5kdMqEOMH_4W569GWvC--GTXNQU4udPmG_TQilzUCRo3G1sXasycc3okMJWnUecYoZ3dkIjNG9K5aK15UnpJW2sPgO2c6J_1IbFAbYlvhpoCOJm2MKwLfw08Sf5NZv9PKJyasI6q0f7vJ6HUHpDVYZNFsxBlSkmK0YVeC6thQDSEwc4H2Wfy_eLnpDXzkG1xdFlTP7eT-xqJbUZm8XfvE7XskOw23jWHFfqc4uz5G0g8dpuykZifxtTEAs6fIARzkVIsekDYspabJmS2_oXEKqo1SI8BdcNoaAzmQhSdxz_xS1FuY13oEsyW3aA8VPEoNK9GgmpQEItxCeR53VxrV2agpzVkxKe3eNgSp37C_ffRhwuFxuJZA-RlH-Xj26WhW-nEv5tpLxvnuzKMASVajow7IcXnfEfN5KwUY0o49JfDHp8vWyyqurLSsSokBqe7JenPuY0d3EEVbAJ2icCK5QGRRDOMDgBsC8062ggkvayRtYCzd7OlDHGA78Cjoc7RS1YxKPCFggXJxFl2JOMZC3Jougf7yVs7j2yFZCKaz0Zz1h9wi8m-DBt82LmQSn4uhN4zn46f3-EmA8xe3PrpnXD59g2_y3geZkc326CBSZ-kFX-8bH-24xAAafTlAnTqs45Yq7HJW1DrKqQIj-_pXvKYLssqIfPNmFbxRpHh1T2KwviMqj3ViX1dSTBeqdHGd_r-9Ql_ccnKZ8gASlLhiwXKasBp4JN3aHTP08tZukixP4WCdONEeOeKw7Q0MsYu62lrIgrb8rG9yo44YOaN9unib5uwqrYIIsRGTS-AMbzdnAaNXg4jFUikL1Hn_1QBW6pHl1OP6Qq5Jmu6gtcgbdEtuo0zU_atfo-1Hvp-lCcAyjOO84PD1eu99LpNty0x-my63oxtjkdjtHoaC1kodDvnEzbcpzwKxtUYhLGu9sdW7b9c7yY6lPjgAGRVizZr0CHQIzfCOTri4H8gOdYhcLhAh5W4vKhgS0KEkPgLLSeFIR16Ak7q2SQbr8vouoMfTGuvvITFX5mqis7H3ZVNdVGzNMnsvjEXj_W93FU0myT9aM_EkdSizYOx_shDTdF_rYYuXuOxkko_2mksSbVGslRE2bcRl5Ukat_cevqBy2m0dEPOLL5m0uqdqr7V9qhHGGTluAjB3-DF1ah02yW2Fc-v8RZomUr5aesuIPcFENFTJfeiQloK3TQ1Xk0btb0svv2tPCtQo_SkWlXrYLzdlM4PgqRp5VoNmbRvhjYDZCSrLzKmMYKYOaPbDKdbVNgFU9tSZpGNswnL9TrLz3JCWGT6Qr1PZ9Zd7ylkOuMpMvr4CRIlo-vck5_k3sloBvBW9BpVCAQSTwB7FLtqAypLt-fKs_4_U5G2j4O9igQUQxwCH3a5CbUWZ-HCO5XdVXg2SK3EGOCZdwHZhPg7iRwzelz3ixb7iFA2L_EvpO697viZUAISnGAYAWAB&bidurl=https://blog.buvnz.com/&bundleId=
Requested by: Host: blog.buvnz.com
URL: https://blog.buvnz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.172.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-172-250.compute-1.amazonaws.com
Software: /
Resource Hash: 9973a80f16e1835f25cc37e312bea728e52053eecca1e74f55fe8849f6fa1451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 9CE8 3 KB
1 KB 106ms
84ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 9CE8 20 KB
8 KB 91ms
76ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ Frame 9CE8 208 KB
63 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ufs_web_display.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4677b36060f5d3a00059f9e69141d80faa7ec081b77917def1fd60eed6fd9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Mar 2025 07:51:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE8 42 B
63 B 127ms
126ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSnDwpSB9vmk7j3bQdnv7MoX6EqVPWi4I07KV0yRNA9aE78yySglh8rHJAXNyVmB_MMdkN57bl6bYhCUQqCMkdCmvScilzoJ6Uj4hO68LJzsUN0s8

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUnfUtGzTd5dg56uyE-2uHIGpg4k5gB05h5-h3dppJtuLHiTO3Gixi_Og8QVs4_F53fd41aMKJPvmGOAMjgZYXibFyZnM52x-rcuBBFH_VDHAvNqRuTj1c1g8Ps6GZOyUt3BCVZEA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 182ms
181ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUnfUtGzTd5dg56uyE-2uHIGpg4k5gB05h5-h3dppJtuLHiTO3Gixi_Og8QVs4_F53fd41aMKJPvmGOAMjgZYXibFyZnM52x-rcuBBFH_VDHAvNqRuTj1c1g8Ps6GZOyUt3BCVZEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDI2ODU3LDQ1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImRlIl0sImh0dHBzOi8vYmxvZy5idXZuei5jb20vIixudWxsLFtbOCwibHJrdTF2eW1jMnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1aca17f588eca4d4ccccd0d8f3b72ba0c308ae72ba2e4cef1716ec45c38015bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VD4JJEOwwFKFGNjMgDL1_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-VD4JJEOwwFKFGNjMgDL1_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDsfLph_VsAj-Wnp7ABADdyTG3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7E41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1

43 B
335 B

76ms
75ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqSCxDM98KJBBiDsPjYATAB&v=APEucNWlw5DJrmzs3N0WubZ_30E8RHdR9MKsVYX7yW9a_4e1-yR8R2X_RuGvp8VG00cTECGBeG3NT5jnNhwHAJ0a0Wtcfr_Gig
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFsI6AtKvBlyHXre2NRGFP5ntkEzS35mA2WutgcXnQVm4USLp%2BVy08mGZkvh3UHLW9rPjlNK86hap4nZO%2B4zkaD7L7OZr8UsNPp3r8iEGJE2L3VUmEY7bQ68ahlLpeso0S4g5o3oFCuLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867e3445ca4f9af1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E41
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfwyqdHM7.AAAEpoARChwwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1&google_hm=2

43 B
772 B

78ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqSCxDM98KJBBiDsPjYATAB&v=APEucNWlw5DJrmzs3N0WubZ_30E8RHdR9MKsVYX7yW9a_4e1-yR8R2X_RuGvp8VG00cTECGBeG3NT5jnNhwHAJ0a0Wtcfr_Gig
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDW9H752TMruV6r%2FhWev7%2BFYjSUp8CvnP89dI3OgNqHBdpp1GPvzrXL%2B%2FwqCZbRSNQWLNhlICylUHE6CaW%2F%2FkGSK0Me2ls1zwiWf4lVfA1uk8kwqHg5t2AkiSEG1D62nKse3bUqjZuPTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 867e34473e498750-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIsCq0Kf-DAjgI-ZuJLPJd4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7E41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECW-YbKveLX4_XSoLJzve0g&google_cver=1

43 B
1 KB

74ms
73ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECW-YbKveLX4_XSoLJzve0g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COqSCxDM98KJBBiDsPjYATAB&v=APEucNWlw5DJrmzs3N0WubZ_30E8RHdR9MKsVYX7yW9a_4e1-yR8R2X_RuGvp8VG00cTECGBeG3NT5jnNhwHAJ0a0Wtcfr_Gig

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
an-x-request-uuid: 25bd5bd8-3a38-486f-9a76-1abbba3b2284
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECW-YbKveLX4_XSoLJzve0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E41
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDkyMTgxODQxNDUzNTUxNQ%3D%3D

170 B
243 B

87ms
84ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDkyMTgxODQxNDUzNTUxNQ%3D%3D

Requested by

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
an-x-request-uuid: 63b596f1-1cc3-4bda-8427-952193d70525
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDkyMTgxODQxNDUzNTUxNQ%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE8 0
20 B 140ms
127ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4597881771316&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE8 0
20 B 131ms
126ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4597881771316&version=m202402290101&ct=76&x=1&cor=17345534397400855000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9CE8 17 KB
13 KB 113ms
113ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APsyzs5UrLE3_GkhHrKIgXptsqcCYf3fh56qhzO7Z6fB0yXtqUvDRX4Ho_BpatGST1Ut_HY2OKGyLaXg1hkdEFu-jbcimKohlx-qFEpxpjmamvk_H4sDmk6Pjlht-8XAaPBditgCRkWAqHU0fsyXEC4tCOJ51mqubRyHDBs3vUA39nVxCZgOcvQLS_BNbgSJNRClDCm3--YAgIKHS3gM2HZhgyGA&cry=1&dbm_d=AKAmf-C6bjFxutBc3jlaGt5VOzwXiebJZP95Bnng8olWLT6EEbMd8cS9R9tioleKBKGhEx3xfKX6GbVjHAFSKz4Amc42vMYcmnv6Kr0EQh66vx9qwhoWs6IPBkRcUQ6QcI_jCEJICVv_ZxVoOywx6R1KyNR2kOfQeS7HRH8VPWQY4gnTQH6jT2RT8w_yBqshGNZ5BjQaRcVqMnsHkGa4EwILpyKgNn0K3v95a1difikkz2fYT_4Jo2dghu9c11mGlDfJWZcKRNaHu0ck0ojSoAFNCtrJp1yG4_ejosl1ExIw6UcFq3qcQC8Ml0hgPyA3WA6vx3bOxjP2DlVAqPe_qKxPBd_k7Os2EBsUxo4rA8sNc6JjzidLNcFfcI6EcopJ8LwfoqmFwcYy6exwHZOI8yjlQOirJJWhgUK6PG13sl-0BQXgZB4EOA6XcbTNIDccVDL8Kc7pOtHuWGMfnVTy-RtuFkmrC0ddu0kc5bkC-V5xlReIydV2ygWYyYwPns9Tv9q1GGHlCT9TVXJ6egst8_xVo0be_CVS5WFKYGLt5-LBQ23VUQDtb3GFbnZdH_knlafumSR5CUn_zH19-2P5JME7ShIUQ0vHI1RzILlR0fGEJsCqFQQQ1TfIYmTO43IVDt_97Wp8SC1763EDZcbbRRa4pLvdidAJoYflvg0Y9JIXxdTlIVeuuT64OyC69bo7ycF70HLAVV1IHrCfrESD06hanHPJ88t2CQZOj_ZMLxzbQQiHF569KQs1xmE2dlkQKyBeS9uUb7hZA6I9CbGkBrsz1HMqfuqVdw41DYErhvvef8KwJpZbvcZNoGS_lNafUrzktnFrdpwqOG0ZE_BQ8pu1ElY5wxwmHdD0afYEehyA74ZQw_XnD-IbmWd9cZtcFuCNvgBC1qOgt6oIL_v-irInLAemFb2MVhQdfLRiTsLJmoSiqZ99cQvMzh6F3E77zqomO8X3aGtoxPvemh0H6tLVoryXJAidjRuASxp4QPciU2XiOjW3yHKosFjV7IvZ6mIwNjf0I0DDLqRoQaTQH7fBMrvwINCtWthsCCbfzMX4_JdjSuHlUuTr_8ZiKpva0FhngIlutUa8ZoWxENGiHB5WbQVWkKWGSScHXqsc957HWo4X2I9SoTw99SjEf6INpCwlKItj2H3pIam5FH0h0Q3ZSwj6B9he1gFeH13JWkuZk_Pp162WqYP95-BNLTgUTlhfzroBm1Q1XxXDS7fqXpOFbsBc5mlsUpHnikM4y-2e9VeWYJTy0RI9U2g2yLwGyHM6IKj4Tsi8T3Tv5OtH1GUy7U-J50FIrf612LCAK1kluMSQI2andZn1yOP66nOc5WRTo9aBJokDE47IqYWj5KqZko8dZVMQ4TzeFPoZX7-4n5nJH4kRs8uKDutZJXxUP-0IPPuu5Bl4_xleVn1LZztp75mK3WVsaHnukrxyhvjV7GtGAVsSj0kXhCbIIKdKqTyq8Q03B4J4E63d3i3AtyNcPQIFrPz3nvdauC-XOVhjRQZGK06Os2HsTO-wlmZQU1Net2pRaP7wOols9SwYDAyskwh1SHYOWZT_EXRYxsy66UXYGD6b8IjABEYnoXyixLEua3wNkuHRz6pptzHpR-mundYng-Y_6gqUMpC3ipEML0pgKP9IPblRSFqIESnkZtBjk7I04z5FZUsEDcG4wrrsoDF6eNHeyYyf5t2oOqJ8LE4KOt6JuIMEUtKNCrhVuRVhJV4Vshlq4c2Mi8hZi00YrEZ6gVIG2_qEdFKuLS5uyDfNysg45LrQy6L2_RtPlrCzFUEgzV6KmbzwgfNRh4tAFamF1h86pkjr4ov8k0LIpyUxT3Kjq_WSFVk8N3RNlXt7C0dr5SyNk_pLRWfQhIyWdjku2fUNjuq3QlVk9vtDeXIX2JleuvGdUhg2Gv2onNe3N3uOrCW2zP-G0ya_NL6svlZ1qNuXGMxh8G0Oyftvcs0H0eGb671IRx0hdY12IPwceNizrl0UJrhYMXMWPCsLJTJHEjQjDiYZ_LphNnW6erXDvOETnxau7z4VLmUdBFpZvMAyjjTtOxrYbX81JO98pSyzFW5RpHU76Cfc9UmGabTQh6iidHCmzHJPbhMdaMg9jf_2EHvY1i4hkLvv0LpKjOghohuWnNTZCgdzqr8hUwcLRIIYZ0ollCHfAIaVHuypKTEghyPnNcagAJtpjOcQrytkIG6hd2DmTcdq2VOIYw9aZbejK7T7aVU8QFNqDNeMRwzcT7lXpri7pEi3FSYrCgFTySLUwiQFd2kyWDfsI3AggQ9S3JuYMAEEmhte7WImR7En50ZANob4Rn4vyyuF3zAmFy-if0SPxLPEdi6t6oh0T5BB32iys_efLtAdvLoQpxPsrF6Ka8CU0j4tAm9uaZ06087iHMA40h_aUdd0xpq31S93omfgw9E-MXXtsNk7RHPVsXxVV3qPSEFnbnLyoF3u17iavutCYZDgJbE-t1i8UtN6bXBz41EZ7RxSBd9Tmqntb9hot_M9LDvBDr7N7v_ApUakicYNoceIQ5pOrskoIaYT0SwOzwqM0--HOBDlbCkQxHiwgNq6x_nm1afHMIwIqRe0_JPZ8CBjUTHwxn-Sat9FJ3C2ixmcvo1JkOU6hpWO9GeydeFvMXBhdT919AGSWcGV6qOF9T81EIUZgWOcJrrjzDwVpWxsSG6vOs-7m4Se76tB9NDoagVrkPoHWq7wegtYcu-M4cJUIJ1Z_xf1W9ZDaywhMp5N3TWJEgK1J4ZQcpWg4v7Nrj94IEbm9BZDnoadonLjsmI9wNLy9_n83-aau915Wl9SCk4Cg6innX1QzBZSHwZmrofLHIQ36vKfmFo2a1TB-luH9E-3R1qpKhqJ53tAIcyRPVaA-_IeGT_SsLVQNmc84fxKnwW6gkfzbIG1pbgFIAhVstFpv_4qwOAPtF19B0fOqvG4BoNgS4BZp4IBbn3oIh6q1f4o3ca49EagcAiWfnBUNDuwmJD2x8O2fR_r7-GH5I3IgrP9GhT_t5doQmLJ4z-R-OFj2-2c4nzgs0P6_MjjT7sYBVWmIt2fchY&cid=CAQSTwB7FLtqAypLt-fKs_4_U5G2j4O9igQUQxwCH3a5CbUWZ-HCO5XdVXg2SK3EGOCZdwHZhPg7iRwzelz3ixb7iFA2L_EvpO697viZUAISnGAYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Fblog.buvnz.com%2F&ds=l&xdt=1&iif=1&cor=17345534397400855000&adk=521587873&idt=163&cac=0&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e07002114819373f292c5ebeb662e5b71fd3f6dde7dfdd41728817a706f2605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12781
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 71AB 52 KB
20 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:47:46 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CE8 41 KB
14 KB 67ms
64ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APsyzs5UrLE3_GkhHrKIgXptsqcCYf3fh56qhzO7Z6fB0yXtqUvDRX4Ho_BpatGST1Ut_HY2OKGyLaXg1hkdEFu-jbcimKohlx-qFEpxpjmamvk_H4sDmk6Pjlht-8XAaPBditgCRkWAqHU0fsyXEC4tCOJ51mqubRyHDBs3vUA39nVxCZgOcvQLS_BNbgSJNRClDCm3--YAgIKHS3gM2HZhgyGA&cry=1&dbm_d=AKAmf-C6bjFxutBc3jlaGt5VOzwXiebJZP95Bnng8olWLT6EEbMd8cS9R9tioleKBKGhEx3xfKX6GbVjHAFSKz4Amc42vMYcmnv6Kr0EQh66vx9qwhoWs6IPBkRcUQ6QcI_jCEJICVv_ZxVoOywx6R1KyNR2kOfQeS7HRH8VPWQY4gnTQH6jT2RT8w_yBqshGNZ5BjQaRcVqMnsHkGa4EwILpyKgNn0K3v95a1difikkz2fYT_4Jo2dghu9c11mGlDfJWZcKRNaHu0ck0ojSoAFNCtrJp1yG4_ejosl1ExIw6UcFq3qcQC8Ml0hgPyA3WA6vx3bOxjP2DlVAqPe_qKxPBd_k7Os2EBsUxo4rA8sNc6JjzidLNcFfcI6EcopJ8LwfoqmFwcYy6exwHZOI8yjlQOirJJWhgUK6PG13sl-0BQXgZB4EOA6XcbTNIDccVDL8Kc7pOtHuWGMfnVTy-RtuFkmrC0ddu0kc5bkC-V5xlReIydV2ygWYyYwPns9Tv9q1GGHlCT9TVXJ6egst8_xVo0be_CVS5WFKYGLt5-LBQ23VUQDtb3GFbnZdH_knlafumSR5CUn_zH19-2P5JME7ShIUQ0vHI1RzILlR0fGEJsCqFQQQ1TfIYmTO43IVDt_97Wp8SC1763EDZcbbRRa4pLvdidAJoYflvg0Y9JIXxdTlIVeuuT64OyC69bo7ycF70HLAVV1IHrCfrESD06hanHPJ88t2CQZOj_ZMLxzbQQiHF569KQs1xmE2dlkQKyBeS9uUb7hZA6I9CbGkBrsz1HMqfuqVdw41DYErhvvef8KwJpZbvcZNoGS_lNafUrzktnFrdpwqOG0ZE_BQ8pu1ElY5wxwmHdD0afYEehyA74ZQw_XnD-IbmWd9cZtcFuCNvgBC1qOgt6oIL_v-irInLAemFb2MVhQdfLRiTsLJmoSiqZ99cQvMzh6F3E77zqomO8X3aGtoxPvemh0H6tLVoryXJAidjRuASxp4QPciU2XiOjW3yHKosFjV7IvZ6mIwNjf0I0DDLqRoQaTQH7fBMrvwINCtWthsCCbfzMX4_JdjSuHlUuTr_8ZiKpva0FhngIlutUa8ZoWxENGiHB5WbQVWkKWGSScHXqsc957HWo4X2I9SoTw99SjEf6INpCwlKItj2H3pIam5FH0h0Q3ZSwj6B9he1gFeH13JWkuZk_Pp162WqYP95-BNLTgUTlhfzroBm1Q1XxXDS7fqXpOFbsBc5mlsUpHnikM4y-2e9VeWYJTy0RI9U2g2yLwGyHM6IKj4Tsi8T3Tv5OtH1GUy7U-J50FIrf612LCAK1kluMSQI2andZn1yOP66nOc5WRTo9aBJokDE47IqYWj5KqZko8dZVMQ4TzeFPoZX7-4n5nJH4kRs8uKDutZJXxUP-0IPPuu5Bl4_xleVn1LZztp75mK3WVsaHnukrxyhvjV7GtGAVsSj0kXhCbIIKdKqTyq8Q03B4J4E63d3i3AtyNcPQIFrPz3nvdauC-XOVhjRQZGK06Os2HsTO-wlmZQU1Net2pRaP7wOols9SwYDAyskwh1SHYOWZT_EXRYxsy66UXYGD6b8IjABEYnoXyixLEua3wNkuHRz6pptzHpR-mundYng-Y_6gqUMpC3ipEML0pgKP9IPblRSFqIESnkZtBjk7I04z5FZUsEDcG4wrrsoDF6eNHeyYyf5t2oOqJ8LE4KOt6JuIMEUtKNCrhVuRVhJV4Vshlq4c2Mi8hZi00YrEZ6gVIG2_qEdFKuLS5uyDfNysg45LrQy6L2_RtPlrCzFUEgzV6KmbzwgfNRh4tAFamF1h86pkjr4ov8k0LIpyUxT3Kjq_WSFVk8N3RNlXt7C0dr5SyNk_pLRWfQhIyWdjku2fUNjuq3QlVk9vtDeXIX2JleuvGdUhg2Gv2onNe3N3uOrCW2zP-G0ya_NL6svlZ1qNuXGMxh8G0Oyftvcs0H0eGb671IRx0hdY12IPwceNizrl0UJrhYMXMWPCsLJTJHEjQjDiYZ_LphNnW6erXDvOETnxau7z4VLmUdBFpZvMAyjjTtOxrYbX81JO98pSyzFW5RpHU76Cfc9UmGabTQh6iidHCmzHJPbhMdaMg9jf_2EHvY1i4hkLvv0LpKjOghohuWnNTZCgdzqr8hUwcLRIIYZ0ollCHfAIaVHuypKTEghyPnNcagAJtpjOcQrytkIG6hd2DmTcdq2VOIYw9aZbejK7T7aVU8QFNqDNeMRwzcT7lXpri7pEi3FSYrCgFTySLUwiQFd2kyWDfsI3AggQ9S3JuYMAEEmhte7WImR7En50ZANob4Rn4vyyuF3zAmFy-if0SPxLPEdi6t6oh0T5BB32iys_efLtAdvLoQpxPsrF6Ka8CU0j4tAm9uaZ06087iHMA40h_aUdd0xpq31S93omfgw9E-MXXtsNk7RHPVsXxVV3qPSEFnbnLyoF3u17iavutCYZDgJbE-t1i8UtN6bXBz41EZ7RxSBd9Tmqntb9hot_M9LDvBDr7N7v_ApUakicYNoceIQ5pOrskoIaYT0SwOzwqM0--HOBDlbCkQxHiwgNq6x_nm1afHMIwIqRe0_JPZ8CBjUTHwxn-Sat9FJ3C2ixmcvo1JkOU6hpWO9GeydeFvMXBhdT919AGSWcGV6qOF9T81EIUZgWOcJrrjzDwVpWxsSG6vOs-7m4Se76tB9NDoagVrkPoHWq7wegtYcu-M4cJUIJ1Z_xf1W9ZDaywhMp5N3TWJEgK1J4ZQcpWg4v7Nrj94IEbm9BZDnoadonLjsmI9wNLy9_n83-aau915Wl9SCk4Cg6innX1QzBZSHwZmrofLHIQ36vKfmFo2a1TB-luH9E-3R1qpKhqJ53tAIcyRPVaA-_IeGT_SsLVQNmc84fxKnwW6gkfzbIG1pbgFIAhVstFpv_4qwOAPtF19B0fOqvG4BoNgS4BZp4IBbn3oIh6q1f4o3ca49EagcAiWfnBUNDuwmJD2x8O2fR_r7-GH5I3IgrP9GhT_t5doQmLJ4z-R-OFj2-2c4nzgs0P6_MjjT7sYBVWmIt2fchY&cid=CAQSTwB7FLtqAypLt-fKs_4_U5G2j4O9igQUQxwCH3a5CbUWZ-HCO5XdVXg2SK3EGOCZdwHZhPg7iRwzelz3ixb7iFA2L_EvpO697viZUAISnGAYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Fblog.buvnz.com%2F&ds=l&xdt=1&iif=1&cor=17345534397400855000&adk=521587873&idt=163&cac=0&dtd=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:52:16 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 9CE8
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1279704/68125661/xbbe/creative/adj?p=APEucNXJEG8OhVQzT0KToui7fXSbMNahCDmmBrKocJXTAgBbKQWY_F0&d=CqkBAKAmf-Bl14GzED7hJWGlErXhD7H9k15tXwyaAqIxaEJWwH2wrWokqH8i1GN...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

108ms
64ms

Script
application/javascript

2600:9000:247b:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Server: 2600:9000:247b:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:02:29 GMT
x-amz-cf-pop: JFK52-P2
age: 18710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ne5Gaz9h_2vMIk_G4dqTswSW5gtnJ9dlr5uHYOIIw_e9QvCpxJa70Q==

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:17 GMT
server: nginx
x-server-name: app19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2377 91 KB
23 KB 270ms
77ms Script
application/javascript 2600:9000:247b:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 20252919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: FA1tTStMB6-DU6f0jTbAWxaglWPnjlS_MCXbsBmT7rlDFMEuDSq7YQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 388ms
118ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXHj,pingTime:-3,time:122,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:51%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
216 B 385ms
116ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXHl,pingTime:-6,time:124,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:124,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:51%7D&tpiLookup=ao:blog.buvnz.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 264ms
117ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXJo,pingTime:-2,time:251,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:445,beZ:447,mfA:452,cmA:454,inA:454,inZ:463,prA:463,prZ:478,si:495,poA:498,poZ:555,cmZ:555,mfZ:555,loA:569,loZ:575,ltA:696,ltZ:696%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:251,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B237~0%5D,as:%5B237~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:51,sinceFw:198,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4FDB 38 KB
13 KB 70ms
68ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 106011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:47:27 GMT
expires: Thu, 20 Mar 2025 07:47:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 233ms
133ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXK9,time:298,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:298,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B284~0%5D,as:%5B284~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:51%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 9CE8 10 KB
10 KB 74ms
71ms Image
image/png 2600:9000:247b:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Sat, 16 Mar 2024 07:55:17 GMT
via: 1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 536874
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: w98rjZhgxhXG-nlwhKjxh8RZP71dOH4cyx_3cBKhG2L_43SPYWSG2w==

GET
DATA 200
OK truncated
/ Frame 9CE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7d74e398ceaca419fa49801e82d9b9f8fafb1cf7fe171414b5b6647b63d968f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FDB 52 KB
20 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:47:46 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 116ms
116ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXP5,time:604,type:e,im:%7Bpci:%7Btdr:517%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:604,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B590~0%5D,as:%5B590~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:412,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:51,sis:371%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 mbads Show response
fundingchoicesmessages.google.com/f/AGSKWxWqe7zfpEcKuHR_y4JF06p-bCyMsSJ2DKMk4besKOIoLcxgPF_-74mwBwTO3E4l6VgRytJZZuMxTZiZocugCPP5JhNCA58L9_5DQa-ILacM6pHFkDxmmWIw9R67dvTbkorDDf8NG1ljjXWNUAx1lC96Jptuv... 54 B
110 B 90ms
89ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWqe7zfpEcKuHR_y4JF06p-bCyMsSJ2DKMk4besKOIoLcxgPF_-74mwBwTO3E4l6VgRytJZZuMxTZiZocugCPP5JhNCA58L9_5DQa-ILacM6pHFkDxmmWIw9R67dvTbkorDDf8NG1ljjXWNUAx1lC96JptuvVpa4-Aet0BV9r0Fw_8UawiYSFpDI86L/_/internal-ad-/cashad.-outsidersads-/mbads?/adPos?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMySuRJJ5L17GyUkL7_9ZnG4bLjqWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e43668ceadd4450973c3bf9f55a6ffd2c00b007a2e4c419e66395a1d5adb0109

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C1x5SIqvDcx3SRXslLTeEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-C1x5SIqvDcx3SRXslLTeEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDserph_VsAi_OHX3JCADh5TIq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11523
x-xss-protection: 0
server: cafe
etag: 916572542668392311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 13:56:26 GMT

POST
H3 204 AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 235ms
94ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X2Ef45dvUogq1PAUqYWXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-X2Ef45dvUogq1PAUqYWXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QQ6rq5YywQAyEoMhA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.buvnz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 117ms
117ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyXSd,pingTime:-10,time:798,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjEyOCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1711026858557%7C%7C18328bba0d5563f7548421e010f3063c%7C%7Cc2f0dae1be250666004502f5b1159da0%7C%7Ce7737c5f9b583f039ccacf957a3b528b%7C%7C1cdab24c35e106e4bf7c6b0b4ccf74fa%7C%7C4ee92e503125711f51e632a0bbd7a6f3%7C%7C1001e25c217e4bfe4f61a020ded17557%7C%7C34ac5e2849fa6f060b5a0fb851be931d%7C%7C1663701684%7D
Requested by: Host: blog.buvnz.com
URL: https://blog.buvnz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 118ms
94ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vCwKrnL-D52_50UeG6AheA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vCwKrnL-D52_50UeG6AheA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QRu_Jm1ngkAy4IM-A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.buvnz.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FDB 0
20 B 127ms
126ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bu4yzqTL8ZcOVKsL7xtYP3tyRmAEAAAAAOAHgBAI&bg=!dXaldjnNAAZewuCMfsI7ADQBe5WfOMnx8twjwAkXD48FnKD1-4iiRIlN1MxvUvtF2TQJK4nYxBVU8308APAsxs7ISay1AgAAAM5SAAAADGgBB34ANe5BWqoVuslc95cn-MfxitXRFnUnlEdxK_Lvf_JK15NjX47js1iZq4SKyiyLMpvhmNXEvdkjmQKq7t7vT6qk6OfvJYBI0bmXaNCuB2avN2nisyOeU36l5bIenymDoAfqDpb0XqF4C6B_L9hfvCFadEHE4yrCmyT5-DitI7AzTFzkR4o3hWeQPhcusyJa9dHI31tAdprbeNwrYLrEu7hRAlIH0OPudanU9PFHIjXRuN6Iur3HbaZio8d_b8KBHQVAqp3GOyNLY_5lxgOc6zG0w0HPoVk5PxtlHxVUvnuhPJgIgVSrSk0poZALEwTTL1emFLMAa-vr20ezJuWB9TxsXVPauNMk_zpy_rN0T9kQrnqpERcM2eQSfdEp0czQM7IzXhKaHQrSlTrAonL3R1GYL-TkVXXqhhd-MVCPjY_kGn3Sf_MKkqfy46aa5GgNoidu_LIj7bbv96kjbIVooJYB3V2utA_32zeNOYMj7255HrCwhEiXuireHMUEACqQ9IIC8Z1joyhgp7y3Xt2_GO_QeJiQFZxbU9Va-u7nwKEgJBr9q7OOunWFURzBgaGRYkyg2kJ1nJ65a7rs9Wsmus6YTr5uLGuQ-sa9fWWFxNsvc6HneDQ0kD9Ieiysj5ZldRhyDYb4WU5p-XVIXkVtpzvBaZg-Qarnsx9fSt8H8P3_2nZe9pGTmvViH0-ne7xnFwl2Sz0oPxrkqbyStsBDuDdbgFZv2FJwQAdiUYwT-OVTYhiJ_z73OWVCh3jA9rVWIW2fiGFPlzqJcSsGmSeGmBVg8WVPX3E-lauEHMj2pg5_h-BBfoEK9J_3Bl3VEK32O0pp2ZCHV_JCfaJdni5yRpk_0y0jV3I8hLDYa36rgTdT_2A5L48YAYxCz3-g0eL-Kvza7xyftgFH8Ytdxeor17RNY7aARe7WX6aQ5P4j7Xf-ofP-8a_v3KG7mmusOALyO8NPAWkiVOUGKdIGmMPhMu-oNwXUYw

Requested by

Host: blog.buvnz.com
URL: https://blog.buvnz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 107ms
88ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DuIu9RZVqpM9v-lnwSc7wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-DuIu9RZVqpM9v-lnwSc7wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QReNPevZQIAyWMMfw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.buvnz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 106ms
92ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1FXer8l5dZMEdxxfv-C5Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-1FXer8l5dZMEdxxfv-C5Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QQWtE1bywQAyMYMRg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.buvnz.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUVwRKMQlB3sCTm2tss4zZuytTBaflyw-rQT2KyW_ElCl0Jb1ShtTDd6gDbK2dwo2KQWtH8MOAUolggzyOGV0_Fk53qpwfgCBsYPvghDVrD8Pyg1pYsQO4f4YYXvg7LRiVvWREZlA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 108ms
106ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUVwRKMQlB3sCTm2tss4zZuytTBaflyw-rQT2KyW_ElCl0Jb1ShtTDd6gDbK2dwo2KQWtH8MOAUolggzyOGV0_Fk53qpwfgCBsYPvghDVrD8Pyg1pYsQO4f4YYXvg7LRiVvWREZlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDI2ODU4LDU4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ibG9nLmJ1dm56LmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0aad561d77009956f0aab92589682a93f5a212b3806dba216b2ad2847329240c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCSZkOpcsmTgxcfWPcLK8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-lCSZkOpcsmTgxcfWPcLK8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDserph_VsAjPeLt3CBADgCDGl"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV5TPKBcIp1lgyi4alD8I3hhlQ1keF-0zARu229sjMn2yK_pUWaE_wtYaznFhej2xNFFZlNsBmHfQgpo9TwT3BGa8ZoX78wVHjvQzNDY09LitAaP6qjC_Somoqj1DWFOMWIQzPJtw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
91ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV5TPKBcIp1lgyi4alD8I3hhlQ1keF-0zARu229sjMn2yK_pUWaE_wtYaznFhej2xNFFZlNsBmHfQgpo9TwT3BGa8ZoX78wVHjvQzNDY09LitAaP6qjC_Somoqj1DWFOMWIQzPJtw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-teZ323CqlqCicky-JWfttA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-teZ323CqlqCicky-JWfttA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QQOPNrwmAkAy0wNEA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.buvnz.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 93ms
92ms XHR
text/html 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVc7LW87V2G7HNcnpp4WLNwVm4KkqrwU8FJu7CxmhTlqxK4WmhrwrPNaK4NPzJO_DS9wGQbimv0m-FfXAyTHObfak5mpJu4n12MQzLQ1cgB3-chEWu11rhycuZ6fEfgpMNBzlFX0g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XN1KBB27UYwPCw1kghC4xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XN1KBB27UYwPCw1kghC4xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1iDgFiIh2PV0w_r2QRu3NrwmAkAzCwNJA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.buvnz.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 146ms
145ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33dc88d5064fd4c1c89f95056b465da71ecd380cdcf6194911c449f479e3e7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12168
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 13:14:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32C6 13 KB
5 KB 78ms
65ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.buvnz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 105731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:52:08 GMT
expires: Thu, 20 Mar 2025 07:52:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14FD 829 B
1 KB 245ms
88ms Document
text/html 2607:f8b0:4006:823::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

f513f50b9f90e467de8a7bb137a86b451a4e5a7199fd169d8da8ac16d392aee1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mdf1VFeQ-OV64BOnQ3tQAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.buvnz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mdf1VFeQ-OV64BOnQ3tQAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 13:14:19 GMT
expires: Thu, 21 Mar 2024 13:14:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 32C6 40 KB
16 KB 93ms
75ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 00:27:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CE8 42 B
64 B 128ms
125ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucXo14UgQii1FjtMJNebxLkq_a_1k5GNtZpv7JQEWUdMYJOIP1NxOZSxxu8D24KPAYOwJBu2zU4cmgjaWnGH1iYSgmE98_8bOGPrEZ_82xsZdFzFenkqBS1VA_mMtcxjaW0ImDeqYBC2sNEc73gpewTML3iLfLzhg&sai=AMfl-YT_dowGr0l_YryPaLQSs7-qLq_W8BqP2xKzOmNwFGs9-x4BvSy8m1kbY_xjuQolZYsUi2cdRQLj77bRonfEROKiqdG1oE4nX8ddSboy1LhzV-NmtTp0i-8cGZIIzf8JqBXLpOu5BnaEZvgOYTb_7w&sig=Cg0ArKJSzIV0Fdwj58eZEAE&cid=CAQSTwB7FLtqAypLt-fKs_4_U5G2j4O9igQUQxwCH3a5CbUWZ-HCO5XdVXg2SK3EGOCZdwHZhPg7iRwzelz3ixb7iFA2L_EvpO697viZUAISnGAYAQ&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=695965800&rst=1711026857315&rpt=893&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 32C6 0
10 B 64ms
64ms Image
text/plain 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UAz7mQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:14:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14FD 0
0 130ms
129ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240319&jk=2415524587665615&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE8 0
20 B 136ms
135ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4597881771316&version=m202402290101&ct=76&x=1&cor=17345534397400855000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 129ms
128ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240319&jk=2415524587665615&bg=!oaKlou3NAAZaswqNerM7ADQBe5WfOOMrN87yUkFyhfuMOgVKWzSSyrVkrZdwyziGI2Ni-lecKG_2htpIADg0bnbKvigoAgAAANtSAAAADmgBB34ANbyNQ0HTL_zbY9s9hX0AbHU1JzSYVJ-ZhyAuyJHjC9qauJRwHsDarhNcUwkS0ghZ6sBG-GxeCgDbDkpNvmuiX2q5-ye7HBUb37RgAYEhCzxXaPZpw2KAeTx8UgCRerzUapaSgVtO_jRELa-dx9_wIllGxYv2cXTGmSqwod87H1Hdhar580XmXoqQiqnoKp80ob7hMPO_HggSTHkFrRH51KeuKxBEhmMeoykQcvjF6I-koIrty7VBCWVIPpB57es2Lb5fW3sz8DEvV9OdgRTGIvLHIbe-BQP9PBs9UxwkudtTFVgtjP292rigCcpehZVy6zoKgZGaV7Xz2upSwlGDDi1aCBeXcsqxN0h3pYeVBxSWE3EOmQJXNG3b6WXqQH-ZXzA1WeFFYXfPaBRSiUy_ODMFjlsxRIQwe2FrEw9dzA6AoyMJEl8NtH0JlCkEFOtJzomO8LYzWzkk85EQYDFQClaEP95RAEScvMunrdGSnTcZhbzgQhVzZ8J6HlxSY3P5YxVv5sI9hdy8VfdR3k_UK8vN6D7gu-p5nlAkVIeJFsRKOYkibLRJjCayK2TFsAVX2_JV7w4Z293t1e4erctvv-m3tIUU70Ib4o2ZZrScd54X5disnJoO1GZXIcjnckrrC9GLnZRREGlxW8j0uoW1l8q0xiKh4I53DtUUkZhUoM-y95cg5kZkJhqo-zQj8YxLkPGj_IS2Zspkj0oq12-xOt1M6lkkVUr385jj4XnIr5-SAGBIKa4XYQW-4mnBWNy-Lyy0avsCYBCpIDp4EQW89wo6cmi5jVgjKJdK0z86JYP9vGf7zINgMgPgmHkdy4uuQyvE7cYM3YMPiVKZugv7WQ7zg_Z9viNo-XZo05kYdsmF4hBZ0aYSW9q0D1B3-TKSB1T97fIBRgY9ZIIV0YXSePSiZ7IC87sTC-cInqDgTDcP5BhxUZy9wV1zoby2HNnFDYFkyQ8gnT7fzAEN0FgabVSzy9hzp1fzqyd1x8ypU3DGb6e69yLK0SreIN5XHFSvsz41DEuoibYDOFCYJtC5LVNW5djerBexEBELoiwGvPgaZv5G8pUN5vEVu2hDFkt14LTqiZvLGVWBYTkD1ApzcK9erP8iR_QbrBU1DqXFzKrEEzlCgVJX-6ahuPMcdlw7qHhEiHb3kJ2e-oipug0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.buvnz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 124ms
123ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyYkk,pingTime:1,time:2541,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:49%7D,%7Bpiv:100,vs:i,r:,t:1539%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1539,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1525~0,0~100%5D,as:%5B1525~728.90%5D%7D%7D,%7Bsl:i,t:1539,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:123,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:51,sis:371%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:20 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE8 43 B
215 B 125ms
125ms Image
image/gif 2600:1f13:800:7780:318f:99ca:1075:d158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1279704&asId=704fa577-2392-0323-ed10-64911e8d4cfc&tv=%7Bc:7yyYkl,pingTime:1,time:2542,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:49%7D,%7Bpiv:100,vs:i,r:,t:1539%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1539,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1525~0,0~100%5D,as:%5B1525~728.90%5D%7D%7D,%7Bsl:i,t:1539,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:123,fm:u7F4k7d+11%7C12%7C13%7C14%7C15%7C1611%7C171*.1279704-68125661%7C1711,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:51,sis:371%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:318f:99ca:1075:d158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 13:14:20 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:53:06	Name: IDE Value: AHWqTUnXO5WAZwWZPl6AjkQy6rsRQxvfJ3izaGELWS8zlgdPbBZcPEme09YIP-hm
.buvnz.com/	1970-01-21 04:38:42	Name: __gads Value: ID=eefb9d4dc490d775:T=1711026855:RT=1711026855:S=ALNI_MZz390Ud8yBrDroaeha6CkX_u3XkA
.buvnz.com/	1970-01-21 04:38:42	Name: __gpi Value: UID=00000dd4596faa9f:T=1711026855:RT=1711026855:S=ALNI_MZj1Q08F2vz0ZXRLyXGbLMWVgUIKg
.buvnz.com/	1970-01-20 23:36:18	Name: __eoi Value: ID=0e90bb1ffa1688d6:T=1711026855:RT=1711026855:S=AA-AfjbQSDXdz5AvG70uW0C4kcTD
.doubleclick.net/	1970-01-20 23:36:18	Name: APC Value: AfxxVi7ufv2UkLlJSeOgbVT6Xb0pUCG8QlR2XaEfy5EX1dhvD50XFw
.doubleclick.net/	1970-01-20 23:36:18	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 04:02:42	Name: CMID Value: ZfwyqdHM7.AAAEpoARChwwAA
.casalemedia.com/	1970-01-20 21:26:42	Name: CMPS Value: 1534
.casalemedia.com/	1970-01-20 21:26:42	Name: CMPRO Value: 1534
.adnxs.com/	1970-01-20 21:26:42	Name: XANDR_PANID Value: RtYpcD_jiz-w7Ri0lFm8vwCyLHa86yQ5zURHJPS26w6IBBlpCkQgzhpLVLGJvgqRGAIStf5GCSPrc4f8KQKdy61RXLuJPba_-0P2ADcRPSM.
.adnxs.com/	1970-01-21 04:53:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:26:42	Name: uuid2 Value: 6224921818414535515
.adnxs.com/	1970-01-20 21:26:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?fjEQ2K!]tbPl1M>e)ZlrFUfJ+tGXxoaa<KnCKCPvEOPuT_I8'F:@I_Akb#qMi.7ign3If)y3KL9D3I?+v*+QI#
.buvnz.com/	1970-01-21 04:02:42	Name: FCNEC Value: %5B%5B%22AKsRol_ViRYVE1cDOhU1MTjQ66-BmU--h8sbtgFabbmEo_3F_9YvObBC9BfgbbWMPt0QJHAvpmvAXtkcUsHNoxaBdCLwbrKUs_kWsRceWE2dkxPdIGBqdNvkBqZN-xTRz_JAtRxgVuqSQ12Q-iIj0FSmTfMxXURBbA%3D%3D%22%5D%5D

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.buvnz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.buvnz.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
resources.blogblog.com
static.adsafeprotected.com
themes.googleusercontent.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.gstatic.com
104.18.36.155
142.251.40.194
2600:1f13:800:7780:318f:99ca:1075:d158
2600:9000:247b:d200:8:48e:53c0:93a1
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2013
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::2009
34.237.172.250
68.67.179.164
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0aad561d77009956f0aab92589682a93f5a212b3806dba216b2ad2847329240c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11421a9b65409d4e17318cceaf6b60ceb8812356a611e62c9592c19a81ddd293
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1aca17f588eca4d4ccccd0d8f3b72ba0c308ae72ba2e4cef1716ec45c38015bd
1f48f3d315041b5b2eb5710ef599d3c592eeecf8e73158392894e895cfee5e6a
29f9f3a298894f1cea1d622ae01f0c1bfe556496d54fca722b0e2a9b49523272
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
33dc88d5064fd4c1c89f95056b465da71ecd380cdcf6194911c449f479e3e7b7
39aef38eb11c7bb14e0b146d3186fcfd600a95f7d0a32e3c5932f282e7bdd87b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e07002114819373f292c5ebeb662e5b71fd3f6dde7dfdd41728817a706f2605
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de684247193e371ad83d44ab4b2dd7a3840e01a1bbbf63da0811d6db94bf3cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
8038bea4138c6f4160aca7eb48fba293f6aea54f00094485063ec6b458dfd6f8
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
9973a80f16e1835f25cc37e312bea728e52053eecca1e74f55fe8849f6fa1451
9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a90b0ad04786b4954b095580d14b3d979de71fcb920c99be233f7c0fde30301d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2a235286e7773f4e7dd79b309571810295b892a8ceca33002fe08c033c474a7
cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c
d171c5800ce8a7f739d645ed6fa1563b34f03a7330e62e2e0cf7eac5ddbb65c8
d347439aa62e6b6baf4fd72eacf77d55290658f774d54b5e05672fd36312b434
d7d74e398ceaca419fa49801e82d9b9f8fafb1cf7fe171414b5b6647b63d968f
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43668ceadd4450973c3bf9f55a6ffd2c00b007a2e4c419e66395a1d5adb0109
e4677b36060f5d3a00059f9e69141d80faa7ec081b77917def1fd60eed6fd9ef
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f513f50b9f90e467de8a7bb137a86b451a4e5a7199fd169d8da8ac16d392aee1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

blog.buvnz.com Open in urlscan Pro 2607:f8b0:4006:80e::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

94 %HTTPS

76 %IPv6

12 Domains

18 Subdomains

18 IPs

2 Countries

1299 kBTransfer

3385 kBSize

14 Cookies

4 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.buvnz.com Open in urlscan Pro
2607:f8b0:4006:80e::2013 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

94 %
HTTPS

76 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

1299 kB
Transfer

3385 kB
Size

14
Cookies

82 HTTP transactions
1 data transactions