thesmokering.com Open in urlscan Pro
69.64.33.70 Public Scan

URL:
http://thesmokering.com/
Submission: On May 27 via manual (May 27th 2021, 8:01:21 pm UTC) from IN

Summary HTTP 110 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 11 domains to perform 110 HTTP transactions. The main IP is 69.64.33.70, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is thesmokering.com.

This is the only time thesmokering.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	69.64.33.70 69.64.33.70	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::8a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f13... 2a03:2880:f132:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
110	22

43 69.64.33.70 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: netrelief.com

thesmokering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thesmokering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::8a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

groups.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f132:83:face:b00c:0:25de (Dublin, Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	thesmokering.com thesmokering.com www.thesmokering.com	2 MB
28	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	480 KB
10	facebook.com www.facebook.com	160 KB
9	doubleclick.net googleads.g.doubleclick.net	52 KB
7	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	123 KB
6	google.com 2 redirects groups.google.com www.google.com adservice.google.com	1 KB
3	googletagservices.com www.googletagservices.com	101 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	10 KB
2	google.de adservice.google.de	287 B
1	googleadservices.com partner.googleadservices.com	646 B
110	11

	Domain	Requested by
41	thesmokering.com	thesmokering.com
20	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	www.facebook.com	thesmokering.com www.facebook.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	thesmokering.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.thesmokering.com	thesmokering.com
2	www.gstatic.com	thesmokering.com googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	groups.google.com	thesmokering.com
110	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
groups.google.com
www.soezzy.com
www.thesmokering.com
www.netrelief.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://thesmokering.com/
Frame ID: 9FEB9CD195DF123A86F2DB8DA4237159
Requests: 57 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Frame ID: F22E39791BC31F7398ADF0DB566B0B8D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622143455&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663157&bpp=9&bdt=642&idt=81&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Lv7vhiLcaO&p=http%3A//thesmokering.com&dtd=96
Frame ID: 90882BB8C575115FABA0D231B05B56D5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102
Frame ID: 2F0DCB3357CAE7BC86EACA7968E956D2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622143455&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663197&bpp=2&bdt=682&idt=97&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j2C3oXeDrH&p=http%3A//thesmokering.com&dtd=99
Frame ID: A9374D73A49F35F505E3ED75DA0F5579
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html
Frame ID: B27274D5DBFB5035DF9C8095EC74A1FE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CA2EB19203E8DCCB8657573A16EB1FE3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 580448A2FED340CC99B017C960E6AFF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622143455&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622145664500&bpp=2&bdt=1985&idt=2&shv=r20210524&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd120c4253bcc0c5f-22da49274bc8002a%3AT%3D1622145663%3ART%3D1622145663%3AS%3DALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&psts=AGkb-H8Qnq3SP9fAkAIKRQpRfIxP8LAif2I-7Vmtji2ZGlo9W1XpsvSrbjeK8M4R-b4jT34u65k1p71qBRkVXA%2CAGkb-H9UmOS870cBLM4vFM2cBtpXvDRmjonegdcubBpB38uX4zXYOCibvVRHIKwX1tahUlCUc9lJ0N6jZcg&pvsid=3544152521038182&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=16
Frame ID: 102D6E2C6742D2CABB27EC46F4FB2190
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 22CA56FF47E68876CB0631B3DA85A4F4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4439111DDE6D1F60A0F6CC75C724CBE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Joomla (CMS) Expand

Overall confidence: 100%
Detected patterns

html /(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)\/com_|<table[^>]+class="pill)/i
meta generator /Joomla!(?: ([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)\/com_|<table[^>]+class="pill)/i
meta generator /Joomla!(?: ([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /mootools.*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

110
Requests

60 %
HTTPS

91 %
IPv6

11
Domains

18
Subdomains

22
IPs

4
Countries

3315 kB
Transfer

4707 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/pages/The-Smoke-Ring/54370494536
Title:

Search URL Search Domain Scan URL

URL: http://groups.google.com/group/SmokeRingBBQ
Title: Visit this group

Search URL Search Domain Scan URL

URL: http://www.soezzy.com/

Search URL Search Domain Scan URL

URL: http://www.thesmokering.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.netrelief.com/
Title: netRelief Consulting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://groups.google.com/groups/img/3/groups_bar.gif HTTP 307
https://groups.google.com/groups/img/3/groups_bar.gif

Request Chain 26

http://www.google.com/cse/brand?form=cse-search-box%3C=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 45

http://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355 HTTP 307
https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Request Chain 74

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3lN-PogEQsAkYsAkyCDOmzmmo_2gw HTTP 301
https://tpc.googlesyndication.com/simgad/9621714843503987182

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

110 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
thesmokering.com/ 37 KB
10 KB 426ms
419ms Document
text/html 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ea4d72087c0ce84e9f56d421a2b3332678b72757d6616bf64269d1fbb0475ca7

Request headers

Host: thesmokering.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7; path=/
Last-Modified: Thu, 27 May 2021 19:24:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9812
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK style.css
thesmokering.com/components/com_jcomments/tpl/default/ 14 KB
3 KB 120ms
119ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f10c42a2b0dc0a3058c6c0b986125c1625ce4de4ad4e1f9e39e811ca971ce187

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3861-550d488f61c42-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3154

GET
H/1.1 200
OK modal.css
thesmokering.com/media/system/css/ 1 KB
777 B 235ms
228ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/css/modal.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0bebc26684519b54ae335b937fa0a1092b472b2c6824b06a58884f8318b92e40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "487-550d4895032c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 433

GET
H/1.1 200
OK mootools.js Show response
thesmokering.com/media/system/js/ 73 KB
20 KB 358ms
122ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/mootools.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "122c2-550d489505201-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20347

GET
H/1.1 200
OK caption.js Show response
thesmokering.com/media/system/js/ 2 KB
1 KB 357ms
118ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/caption.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "7ab-550d4895032c1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 921

GET
H/1.1 200
OK modal.js Show response
thesmokering.com/media/system/js/ 10 KB
3 KB 366ms
122ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/modal.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 03d34432f9a8d245c766530864c54eb38da44eddd8dba7d04b8b8642533aab6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "295c-550d489504261-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3111

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
thesmokering.com/media/system/js/ 93 KB
33 KB 477ms
124ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/jquery-1.7.2.min.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "17278-550d489505201-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33622

GET
H/1.1 200
OK ads.js Show response
thesmokering.com/media/system/js/ 2 KB
1 KB 468ms
116ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/media/system/js/ads.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 92dfa39c819c8fa384420fd0e0d4f2b5b886dd691b1977cce5bd1cd77e3ae2a6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Aug 2017 16:12:19 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "60e-5580ee8acda47-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 774

GET
H/1.1 200
OK template_css.css
thesmokering.com/templates/rt_versatility4_j15/css/ 24 KB
5 KB 233ms
226ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/template_css.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 2e7fd02690c2b3ac12a055a1d86ef18a7d3b2b6c85c5531146f0d230543f9d78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "61e0-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4913

GET
H/1.1 200
OK menustyle1.css
thesmokering.com/templates/rt_versatility4_j15/css/ 1 KB
814 B 243ms
235ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: fb006755b2d123db10b3930cda8234ec7bb37a1f3540f17eb1638070309b28a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "555-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 470

GET
H/1.1 200
OK style9.css
thesmokering.com/templates/rt_versatility4_j15/css/ 18 KB
3 KB 233ms
226ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f096f07e076d84ac7a0f534eaf028ca2ddd4443647d9da4bad29b5dd0462acc6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4808-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2651

GET
H/1.1 200
OK typography.css
thesmokering.com/templates/rt_versatility4_j15/css/ 7 KB
2 KB 233ms
225ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/typography.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 3ac369148d079f0d001ec6665651810a454c2caab0a512bd5aae4bdc1571aa0b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1b56-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1443

GET
H/1.1 200
OK system.css
thesmokering.com/templates/system/css/ 1 KB
861 B 236ms
118ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/system/css/system.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "569-550d489609de1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 518

GET
H/1.1 200
OK general.css
thesmokering.com/templates/system/css/ 3 KB
1 KB 349ms
116ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/system/css/general.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "ad9-550d489609de1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 762

GET
H/1.1 200
OK rokslidestrip.css
thesmokering.com/templates/rt_versatility4_j15/css/ 538 B
629 B 351ms
117ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/rokslidestrip.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: e2e98876ea28211c939ec8659ebbc2349a8040ab6fe7798b2f1f9b9bf89e9099

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "21a-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 286

GET
H/1.1 200
OK rokmoomenu.css
thesmokering.com/templates/rt_versatility4_j15/css/ 1 KB
749 B 350ms
116ms Stylesheet
text/css 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/css/rokmoomenu.css
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8277ada3d1ccd0b1f23a28587ba5c3346b4c6afa9d5a7b7d4c04e51c7b6cb086

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "47e-550d4895ce4c1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 406

GET
H/1.1 200
OK roksameheight.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 589 B
691 B 468ms
117ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/roksameheight.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: d55c65b246a876f75cce868400d9d8f54880cceaff2ea0aaeec5c2aa2731db05

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "24d-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 334

GET
H/1.1 200
OK rokslidestrip.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 5 KB
2 KB 473ms
118ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokslidestrip.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 014a5a330356f54c97229892cd15e816d39fda883442930e13f39c7eb247ab91

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "14a1-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1699

GET
H/1.1 200
OK rokfonts.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 2 KB
1 KB 485ms
121ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokfonts.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0a17318dcebcff96868ba5a8e58c6dc8cbc505abfd042190b66b0b116d037cee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "66e-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1023

GET
H/1.1 200
OK rokmoomenu.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 4 KB
3 KB 582ms
116ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/rokmoomenu.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8c97cfb05def8a6ee856da0e7e3a9e9da8e431361152a06cfbfe4e270040abba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "11f2-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2305

GET
H/1.1 200
OK mootools.bgiframe.js Show response
thesmokering.com/templates/rt_versatility4_j15/js/ 964 B
1000 B 582ms
116ms Script
application/javascript 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/js/mootools.bgiframe.js
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: f3148089ed8727c786141478e43f096a8ff06bce4141ce8aeabe9bfb662e1a4c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3c4-550d4895dfe01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 643

GET
H/1.1 200
OK SmokeRingLogo.jpg
thesmokering.com//images/stories/ 19 KB
19 KB 119ms
116ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com//images/stories/SmokeRingLogo.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: c88189664b52efac0b21fb0b7eca62e131aecc86422278a34936b00e14f87e9e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4b2c-550d4894a3781"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 19244

GET
H/1.1 200
OK findusonfacebook.jpg
thesmokering.com//images/stories/ 2 KB
2 KB 121ms
118ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com//images/stories/findusonfacebook.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "8cc-550d4894a4721"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2252

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
33 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1267dcc220bd472ae19df58959d2c036e2dec2bce1263e1b6ba201034b9e331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 27 May 2021 20:01:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13425946567609087636
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33011
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 20:01:03 GMT

GET
H/1.1 200
OK damian.jpg
thesmokering.com/images/stories/ 8 KB
8 KB 120ms
117ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/damian.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 12c49b8251759efdfda0bb5f904b1c3ccf50c48652f00257be09653bf576ca18

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "2033-550d4894a3781"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8243

GET
H/1.1 200
OK findusonfacebook.jpg
thesmokering.com/images/stories/ 2 KB
2 KB 125ms
123ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/findusonfacebook.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "8cc-550d4894a4721"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2252

GET
H2

404

groups_bar.gif
groups.google.com/groups/img/3/
Redirect Chain

http://groups.google.com/groups/img/3/groups_bar.gif
https://groups.google.com/groups/img/3/groups_bar.gif

0
0

142ms
112ms

Image
text/html

2a00:1450:400c:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groups.google.com/groups/img/3/groups_bar.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location: https://groups.google.com/groups/img/3/groups_bar.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.com/cse/brand?form=cse-search-box%3C=en
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

6ms
3ms

Script
text/javascript

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
age: 7966
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Fri, 28 May 2021 17:48:17 GMT

Redirect headers

Date: Thu, 27 May 2021 20:01:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 20:31:03 GMT

GET
H/1.1 200
OK soezzy_banner.gif
www.thesmokering.com/ads/ 14 KB
14 KB 242ms
233ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.thesmokering.com/ads/soezzy_banner.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: dfacddb48c29b1e9dcfd45d5da5c15b692e2f45d7cdd2e5ac00cc51ecc06864d

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "3792-550d488f12aa2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14226

GET
H/1.1 200
OK pdf_button.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 120ms
118ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/pdf_button.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 5c00a1e325581a6362af319e0bd70d8c02c88c35f6d3d155a9ef16fd66cd7dc3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "50a-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1290

GET
H/1.1 200
OK printButton.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 121ms
119ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/printButton.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 56e1ae52992285272c02903e0b1f1e3f3fc1cda4715e62a1bad3f636d2a59d35

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:15 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "510-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1296

GET
H/1.1 200
OK emailButton.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 263ms
118ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/emailButton.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 17da9fa737a8dc84dc780804903c909eceea5fb18ced7e590ef8e8592b585dfc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "503-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1283

GET
H/1.1 200
OK buy-1abimage.gif
thesmokering.com/images/stories/GrillGrate/ 25 KB
26 KB 254ms
116ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/buy-1abimage.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 06ac68cce976de7ac4949b7ddc2cb54db66d00a9e018eb4ad122882a1a92b0c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:29 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "652d-550d489418cc2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 25901

GET
H/1.1 200
OK 20140719_182329.jpg
thesmokering.com/images/stories/GrillGrate/ 2 MB
2 MB 265ms
119ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/20140719_182329.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 8c642150e811f0535b30fd5435bde11f2362eb61ac2e4cfb8418fd6cb877221b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:29 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "20aa26-550d489397e42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2140710

GET
H/1.1 200
OK 20140719_182202.jpg
thesmokering.com/images/stories/GrillGrate/ 20 KB
20 KB 261ms
116ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/GrillGrate/20140719_182202.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 840a17e11ca08c0b483f556b60e35a322f7ece30749430adf19f0657ddf9594c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:30 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "50c9-550d48948b0e1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 20681

GET
H/1.1 200
OK 1391841_10151680732516813_677662328_n.jpg
thesmokering.com/images/stories/2013WorldFoodChampionships/ 42 KB
43 KB 117ms
116ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/2013WorldFoodChampionships/1391841_10151680732516813_677662328_n.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 68a102ca091150fd7fb1ea0c5cbff8d1318796c999a31f11beadcbf5f730ffff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7; __gads=ID=d120c4253bcc0c5f-22da49274bc8002a:T=1622145663:RT=1622145663:S=ALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "a910-550d489322b42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 43280

GET
H/1.1 200
OK 1012699_10202455195925081_1449954370_n.jpg
thesmokering.com/images/stories/2013WorldFoodChampionships/ 43 KB
43 KB 122ms
122ms Image
image/jpeg 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/images/stories/2013WorldFoodChampionships/1012699_10202455195925081_1449954370_n.jpg
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: a48b07401f6f015117a64a8fdffb3d9bc047d65e4a6704bb39e53ebedf892789

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7; __gads=ID=d120c4253bcc0c5f-22da49274bc8002a:T=1622145663:RT=1622145663:S=ALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "ab75-550d489322b42"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 43893

GET
H/1.1 200
OK smokering.gif
www.thesmokering.com/images/ 6 KB
6 KB 238ms
232ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.thesmokering.com/images/smokering.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 442368871e47a3423eaf02c59622206f5c097e35f22bd6c66b255b2855763542

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:28 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "18b8-550d48931ecc2"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6328

GET
H/1.1 200
OK header-bar.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 208ms
117ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/header-bar.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 0c358e451b20ae9558a97bff19e180d1c4efdc7bbde2863344db37b95b898433

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "540-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1344

GET
H/1.1 200
OK horiz-menu-tab-r.png
thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/ 1 KB
2 KB 209ms
119ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/horiz-menu-tab-r.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: d6b8457a43c1ac2ed656b2a65ee142c6e63db7fb07526efc2a5dd8c0c37e336d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "5d5-550d4895dbf81"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1493

GET
H/1.1 200
OK horiz-menu-tab-l.png
thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/ 1 KB
2 KB 207ms
116ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/style9/menustyle1/horiz-menu-tab-l.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: fe5c86cb0d38a52f8d11e29d40731ba97f883ef241cbfa8bf96eaa3b02dd82cd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "59d-550d4895dbf81"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1437

GET
H/1.1 200
OK horiz-menu-div.png
thesmokering.com/templates/rt_versatility4_j15/images/ 200 B
491 B 203ms
115ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/horiz-menu-div.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 3bf09c4d2fa616dd1e2ec513f2f355b4f4e2ea39246d328bb60921038a0d793e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/menustyle1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "c8-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 200

GET
H/1.1 200
OK sidenav-arrow.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 117ms
117ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/sidenav-arrow.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: a9b10b1c6bbe5e5d42e5942e0a4ae7801c915da700977fa4f6d3c10418787c90

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7; __gads=ID=d120c4253bcc0c5f-22da49274bc8002a:T=1622145663:RT=1622145663:S=ALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "4f5-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1269

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/ 232 KB
86 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=pub-9130166455821027&plah=thesmokering.com&amaexp=1&bust=exp%3D31060975

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eabbf8979725c08a7ea1fa4e9593c90f2262bc7abff885a43c2fc3b7f9fbf9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87678
x-xss-protection: 0
server: cafe
etag: 1860133438801872969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 20:01:03 GMT

GET
H/1.1 200
OK module-bottom-bg.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 175ms
118ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/module-bottom-bg.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: bf32d6602d2252d6fac88c8e2df30cac23ce51c3c2654e526757163efe8b9b43

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "537-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1335

GET
H/1.1 200
OK module-h3.png
thesmokering.com/templates/rt_versatility4_j15/images/ 1 KB
2 KB 180ms
121ms Image
image/png 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/templates/rt_versatility4_j15/images/module-h3.png
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 9906fdb0472cf2463c74b23d4c119212576a93f600b091bb55b8165038b85637

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/templates/rt_versatility4_j15/css/style9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:31 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "573-550d4895cf461"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1395

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame F22E
Redirect Chain

http://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

44 KB
13 KB

111ms
109ms

Document
text/html

2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Requested by

Host: thesmokering.com
URL: http://thesmokering.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d54cbcba275ce6a1b3091cc15a272425fdec0b55f4ebcf17d0574237eb880f3d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: tbdWZCyXBQQni6eDrRcsH/9aHmiJc5DncA++rQgY1e155EiDBTLkpG8diP1jHtJXZ48qI6fba/Kc3YHbhdAa7g==
date: Thu, 27 May 2021 20:01:03 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK jc_blog.gif
thesmokering.com/components/com_jcomments/tpl/default/images/ 90 B
380 B 118ms
118ms Image
image/gif 69.64.33.70
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thesmokering.com/components/com_jcomments/tpl/default/images/jc_blog.gif
Requested by: Host: thesmokering.com
URL: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Protocol: HTTP/1.1
Server: 69.64.33.70 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: netrelief.com
Software: Apache / PleskLin
Resource Hash: 54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thesmokering.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
Cookie: 78afeae11e579f59c717949c1d023159=3opfn4b610spbaci7iuvqq3kj7; __gads=ID=d120c4253bcc0c5f-22da49274bc8002a:T=1622145663:RT=1622145663:S=ALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thesmokering.com/components/com_jcomments/tpl/default/style.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 19:24:16 GMT
Last-Modified: Wed, 31 May 2017 16:37:24 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "5a-550d488f61c42"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 90

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
646 B 89ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=thesmokering.com&callback=_gfp_s_&client=ca-pub-9130166455821027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=pub-9130166455821027&plah=thesmokering.com&amaexp=1&bust=exp%3D31060975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e721138ff40f67f784af31fa988ac90a72c7d4f64fc9670ce94c587927caa7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9088 56 KB
15 KB 399ms
399ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622143455&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663157&bpp=9&bdt=642&idt=81&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Lv7vhiLcaO&p=http%3A//thesmokering.com&dtd=96

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e098e94ca8e718f23da27afa78279520420be91a8de2fe5a84039b9c84e8460f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622143455&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663157&bpp=9&bdt=642&idt=81&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Lv7vhiLcaO&p=http%3A//thesmokering.com&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 20:01:03 GMT
server: cafe
content-length: 15604
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 20:16:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 20:01:03 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Thu, 27 May 2021 20:01:03 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F0D 87 KB
32 KB 569ms
568ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49bbe6dbdf1db5b651bb96c6d83da20a63b524958dc7e6c0c8ef066d0f295922

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLL0pcDT6vACFXYIogMdT-0IcQ&gqi=f_qvYM67ErWEwuIP1cao2AE&layout=/sadbundle/%24csp%253Der3%24/3275318306830398088/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLL0pcDT6vACFXYIogMdT-0IcQ&gqi=f_qvYM67ErWEwuIP1cao2AE&layout=/sadbundle/%24csp%253Der3%24/3275318306830398088/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 20:01:03 GMT
server: cafe
content-length: 31743
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 20:16:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 20:01:03 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A937 603 B
242 B 86ms
85ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622143455&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663197&bpp=2&bdt=682&idt=97&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j2C3oXeDrH&p=http%3A//thesmokering.com&dtd=99

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1107008511660248&output=html&h=600&adk=1942723166&adf=4269584164&w=160&lmt=1622143455&channel=2337602155&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=D5D5D5&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663197&bpp=2&bdt=682&idt=97&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C160x600_as&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=j2C3oXeDrH&p=http%3A//thesmokering.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 20:01:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 20:16:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 20:01:03 GMT
cache-control: private

GET
H3-29 200 fFR2Q3u6zE3.css
www.facebook.com/rsrc.php/v3/yQ/l/0,cross/ Frame F22E 24 KB
5 KB 36ms
34ms Stylesheet
text/css 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

028b02da0298a02e2e89381e51ff170eaa459a3f5ad14f4a05038ae3944165c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ckqkXmzl83Y0Lsedgzdtgg==
cross-origin-resource-policy: cross-origin
content-length: 5550
x-fb-rlafr: 0
x-fb-debug: OyHQRNRo84LLiad7iY3JoEy/wM/oJJndYhIbJPHvWEP+x4GqyNyRkU3ULDrqzeGtLvrwUlGI3qk6E58s2t5FzA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 19:19:01 GMT

GET
H3-29 200 5Fsnp3irenq.css
www.facebook.com/rsrc.php/v3/yt/l/0,cross/ Frame F22E 2 KB
868 B 36ms
34ms Stylesheet
text/css 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yt/l/0,cross/5Fsnp3irenq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 16:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: J9gtDCcpBAeYh1TcXJ9kqQ==
cross-origin-resource-policy: cross-origin
content-length: 816
x-fb-rlafr: 0
x-fb-debug: TGaeVsVb6MWCv0fA3yBOzKLMeqLnLtB1xRYFGZywKARqUcVbhVgRKLJjfE2u3t+f5huwpNTsgPD8vESXOxzg+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 16:04:32 GMT

GET
H3-29 200 rRdpQF5MU4a.js Show response
www.facebook.com/rsrc.php/v3/y2/r/ Frame F22E 293 KB
80 KB 36ms
35ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 00:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CVgGlvs5c6fw4bV6J57pWw==
cross-origin-resource-policy: cross-origin
content-length: 81394
x-fb-rlafr: 0
x-fb-debug: 1Z1itLO2ddkRwy00O/esfl0auizc/m1HEoXwJ3WoZA40y1WS9DHvXVYmU1lXtz9Uw5vaNrb8AoogENXF/QU1IA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 00:07:47 GMT

GET
H3-29 200 iALMJVe92ZV.js Show response
www.facebook.com/rsrc.php/v3/yd/r/ Frame F22E 63 KB
19 KB 36ms
35ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yd/r/iALMJVe92ZV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a62852a6318a94ccc9346e48da6906e3fd66ce8d32a042e9fe028666e16f2874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /f2/ujrwni4E9eX78Vgi7g==
cross-origin-resource-policy: cross-origin
content-length: 19638
x-fb-rlafr: 0
x-fb-debug: eNYStZA+8GFrDF74dz/OBL6yl8rYRHdkFMyR21GhlDAC9/q2/Oj4pEiLGjs3FeP9kj43J0SHWSQ4QCD94T1Upg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 09:02:54 GMT

GET
H3-29 200 E_Gl3BdgcOh.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/ Frame F22E 126 KB
35 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yw/l/en_US/E_Gl3BdgcOh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: igf0WSmG2b+bEy59/WZ4bQ==
cross-origin-resource-policy: cross-origin
content-length: 35958
x-fb-rlafr: 0
x-fb-debug: Ye3ahGrouIy4pKk+Wq3zdyVHqoW20LHEJeHCeNN6B/Wk0EJQbVhM9Ye8r8aThv+dabR3yV4GmF0vXxKzOV4cbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 19:19:01 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame F22E 5 KB
2 KB 68ms
66ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: 7fHDhYm3WHG6HfLM2aacJgRTKzqAniTy2ez9joo+EJ2f+L+IVU2tt4gTz8HnojZ1u24pTTyOs08+rg7qrZd+OQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 19:19:00 GMT

GET
H3-29 200 q3JF3hLjbAD.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame F22E 2 KB
849 B 68ms
66ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/q3JF3hLjbAD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 15:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1ETliEs92UIU/fKzQa5sDA==
cross-origin-resource-policy: cross-origin
content-length: 797
x-fb-rlafr: 0
x-fb-debug: ZHRDl7PYHuBXywFLLSInZoOo+NQGxKoaaz8AHnghIHoeJbK0siUxTX7qJHhM8zZdK6rJ4DPdE92t5HaIfPgfvQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 15:58:34 GMT

GET
H2 200 554556_10150671705754537_574231399_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p133x133/ Frame F22E 7 KB
8 KB 20ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p133x133/554556_10150671705754537_574231399_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=a61e81&_nc_ohc=Mjn0UKpbCM0AX8FV4pU&_nc_ht=scontent-frt3-2.xx&tp=6&oh=2accc426b2b440e4b0adafdab8f6a45a&oe=60D6A80F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 06068c0160add1cf259e7119e9b7c69192913f756a079bc8ea4cf9f36ca02e02

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 971911059
date: Thu, 27 May 2021 20:01:03 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3383469625
x-fb-config-version-olb-prod: 1109
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7453

GET
H2 200 215778_10150180311344537_2993121_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c84.19.238.238a/s50x50/ Frame F22E 2 KB
3 KB 31ms
17ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c84.19.238.238a/s50x50/215778_10150180311344537_2993121_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=3BWhTdkHq-IAX-xRDZN&_nc_ht=scontent-frx5-1.xx&tp=28&oh=1c3f3b15bf6b5c08471c20a94872d8b3&oe=60D51682
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 62fe962bdb00167596ab51dcee33c75a62d9afaacf275de2a96d86de408d17bf

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3576806282
date: Thu, 27 May 2021 20:01:03 GMT
x-fb-trip-id: 917726464
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 649096312
x-fb-config-version-olb-prod: f505330fc78246408a01bc4714b0d909
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2325

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame F22E 573 B
623 B 33ms
32ms Image
image/png 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/fFR2Q3u6zE3.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: C3FrXqGNMs+vSHk93Sba/lZUcyZF+1Rzpf/UzX56SQmX0ylylQFRe5ztGTGrZy/rjwQTDoKgfcSq+emyFOUycA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Fri, 21 May 2021 00:31:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Sat, 21 May 2022 00:31:35 GMT

GET
H3-29 200 5MGvACNezzf.js Show response
www.facebook.com/rsrc.php/v3/yU/r/ Frame F22E 10 KB
3 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f132:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yU/r/5MGvACNezzf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y2/r/rRdpQF5MU4a.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f132:83:face:b00c:0:25de Dublin, Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b6dc9c991ab220cd15c5fac9d15755e9025807cc19579bce39d9c8f36bb0ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=54370494536&width=200&connections=9&stream=false&header=false&height=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 16:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w/ZAqGEAKUKExzdr+tp73w==
cross-origin-resource-policy: cross-origin
content-length: 3269
x-fb-rlafr: 0
x-fb-debug: +5zQj7TcXseAkckUPdbQtijjin8MzQ6bNLmhYNFlyjgFskf964Pujxx561IYNGvIRnIstKqTbQj8YzwVZNzQag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 16:06:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9088 3 KB
707 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622143455&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663157&bpp=9&bdt=642&idt=81&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Lv7vhiLcaO&p=http%3A//thesmokering.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 19:26:14 GMT
server: ESF
date: Thu, 27 May 2021 20:01:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 20:01:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9088 1 KB
990 B 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:59:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 9088 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:00:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9088 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:37:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9088 121 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 20:01:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9088 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:59:40 GMT

GET
H3-29 200 7d9aee27bee51cf015d1b4a8dc2025e1.js Show response
www.gstatic.com/mysidia/ Frame 9088 25 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 22:15:01 GMT
server: sffe
age: 562046
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Thu, 19 Aug 2021 07:53:37 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9088 0
0 30ms
27ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN_zTf_qvYIzgEMSz1fAPjJ2JkAbPrczCYrHQ6ODtDZzwrZPBJBABIIy3oQJglQKgAaDIlMEByAEGqQI5r7sVpHi0PqgDAcgDAqoExQFP0Bt5mdErYc-J9sXJD6Ts6iVeV5-c7L69v1DPmwWNDErWBmJ_sjih_wU008u4VlXHVpv_AnJzrmlKcrvDCf46btfSa8IpvAlokCI60tddc9ja_3ESLrb2bulcWdzhcmU0-TxpuDkeRe2eK-_I4VrvqMx3mMxywR9rZP53fW6zgN1a2hFfUDWzPr3z4VTF9NSLbBUtQR9MLT2-G9fM98u9diRSM8qdhhcmQe-x9QdRQHDGm6UWo0mP3sF4Tl21t0m9g90Y-8AE6L3Y0sYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB8i3674CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDQwQXSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItOTEzMDE2NjQ1NTgyMTAyNw&sigh=AMyt5e59sQ4&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=90&adk=1945336083&adf=795948158&w=728&lmt=1622143455&ad_type=text&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=B51515&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663157&bpp=9&bdt=642&idt=81&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=8618535918156&frm=20&pv=2&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=351&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Lv7vhiLcaO&p=http%3A//thesmokering.com&dtd=96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 20:01:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 May 2021 20:01:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9088 27 KB
28 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTnX_9CeFIPwE1TPjBACNvgDHvAjb-HlzKly2D58I_r0dHLMktM-6BLrn3Hpzc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e07588b1cc3328d0ab256ac9b295b3170d748e56cd8d939a3b145141d251960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 12:04:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Jul 2019 19:26:00 GMT
server: sffe
age: 201412
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27819
x-xss-protection: 0
expires: Wed, 25 May 2022 12:04:11 GMT

GET
H3-29

200

9621714843503987182
tpc.googlesyndication.com/simgad/ Frame 9088
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3lN-PogEQsAkYsAkyCDOmzmmo_2gw
https://tpc.googlesyndication.com/simgad/9621714843503987182

190 KB
190 KB

8ms
7ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9621714843503987182

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a269c49f5ba6ef75421455ea43f899e5109fdda5b24032c1d43d28ea827fe902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:27:40 GMT
x-content-type-options: nosniff
age: 236003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194556
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 10:02:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 02:27:40 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 27 May 2021 11:03:35 GMT
x-content-type-options: nosniff
server: cafe
age: 32248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9621714843503987182
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jun 2021 11:03:35 GMT

GET
DATA 200
OK truncated
/ Frame 9088 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa05f44f0fbb235ea10db93843bb7471f6bb790850a9ca7fac84d2cba010b133

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 9088 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 03:57:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 576230
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Sat, 21 May 2022 03:57:13 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 9088 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 23:14:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
age: 247580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Tue, 24 May 2022 23:14:43 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 2F0D 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:00:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 2F0D 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:00:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F0D 121 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 20:01:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 2F0D 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 19:59:40 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/ Frame B272 13 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f120930dcb146720df85a8d7092e1565df9c54fcc37b7b9eb8350e2a755f82f5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3275318306830398088/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3559
date: Fri, 21 May 2021 07:56:35 GMT
expires: Sat, 21 May 2022 07:56:35 GMT
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 561869
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2F0D 0
0 20ms
17ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmYiXf_qvYPK4FPaQiM0Pz9qjiAejvbfZYd-2342mDf2B5LbrAhABIIy3oQJglQKgAYTBuo8DyAEJqQI5r7sVpHi0PqgDAcgDSKoEywFP0MTrHE5NQFYd7RSqfjTXzf3lI_3WWlm2lRUtFYeiW9tLBof-uk7fCbAYvGgTeTZgkyQCVADTgyJjB_oQz8o4UZUuS7WXySnoTROZNVCX9p7_yZe_9cimBMHfuAuaF5-1S4O0J8uUUny5Pucodf_03EMJc0qTsuYDBjA3Ndp8wEyhZyTZQkOFwC0Y_BvP-aJPkEWISyApCSa0Ot91WEEhG93J5iTPcw4hHIFXL21NiiaWLXYCzvn2wimMnm3xLmexPjuIV5mjesHqrcAEzdOqs7kDkgUECAQYAZIFBAgFGASgBi6AB-S-xXCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ_aEJ0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTkxMzAxNjY0NTU4MjEwMjc&sigh=7oOJC8Q9zsM&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 20:01:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA2E 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEsqO8XIUMs-BF_14GXtNtTqQT8a42baSXM5tL83xPZZ9H_GUaU-SMKMNfpmA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&h=600&adk=1942723166&adf=718136902&w=160&lmt=1622143455&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0033FF&color_text=333333&color_url=008000&url=http%3A%2F%2Fthesmokering.com%2F&flash=0&alternate_ad_url=http%3A%2F%2Fwww.alternate-ad-url.com%2Falternate&wgl=1&dt=1622145663186&bpp=4&bdt=671&idt=96&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&pvsid=3544152521038182&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CvW1xmMQxI&p=http%3A//thesmokering.com&dtd=102

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 19:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1905
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B272 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B272 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H3-29 200 d52749fcfeaf4768604eb0fb2c1e4e85.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/ Frame B272 72 KB
19 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/d52749fcfeaf4768604eb0fb2c1e4e85.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c5fc7fbebb679b6afeebec0775d4a6ca1758b03de883f822375c70d79ebcfe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 540828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19138
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Fri, 21 May 2021 13:47:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 13:47:16 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

44ms
44ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEsqO8XIUMs-BF_14GXtNtTqQT8a42baSXM5tL83xPZZ9H_GUaU-SMKMNfpmA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 20:01:04 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 21:01:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 20:01:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 20:01:04 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2F0D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a90d4d9b02d6a4076a8461ac03e2cf81d07a4b550d44d43e7bcdb7722e8519f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame B272 4 KB
602 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800|Open+Sans:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/d52749fcfeaf4768604eb0fb2c1e4e85.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14a7a6d25b42a2604039dcabdfaa8ebe103ef83bc9e2b91d2921889680e555e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 19:10:51 GMT
server: ESF
date: Thu, 27 May 2021 20:01:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 20:01:04 GMT

GET
H3-29 200 09af730ce39b2e3908cdf85af026d86a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/ Frame B272 9 KB
9 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/09af730ce39b2e3908cdf85af026d86a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fe57d411bc5af39295a834ce631c4f71473f3d2e502df40838f51039b73b6c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 510456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Fri, 21 May 2021 22:13:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 22:13:28 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame B272 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800|Open+Sans:700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
age: 167324
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame B272 15 KB
15 KB 20ms
17ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800|Open+Sans:700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:34:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
age: 167170
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
expires: Wed, 25 May 2022 21:34:54 GMT

GET
H3-29 200 9a11cb5a415ad65da55f8b35b289da2c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/ Frame B272 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/9a11cb5a415ad65da55f8b35b289da2c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9e72bf2c58cc297643e24822f3238196a90204c052fc0565509cad132ae7f9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 71460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2104
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Thu, 27 May 2021 00:10:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 00:10:04 GMT

GET
H3-29 200 f8aedf500a8d6c701fb60826864d8f9a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/ Frame B272 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/f8aedf500a8d6c701fb60826864d8f9a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a4b6172f32ed69567128ecc5c9b5ff2d2493ac8eb04358c467fb98e64a7215

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 215953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Tue, 25 May 2021 08:01:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 08:01:51 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 20:01:04 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4d7af81c8cb5a168613ff3717c9fb10f76ede965e2c5c9f1866fc97d90c8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7696
x-xss-protection: 0

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame B272 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 78647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Thu, 26 May 2022 22:10:17 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 27 May 2021 20:01:04 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 5804 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEsqO8XIUMs-BF_14GXtNtTqQT8a42baSXM5tL83xPZZ9H_GUaU-SMKMNfpmA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 26 May 2021 22:01:17 GMT
expires: Wed, 09 Jun 2021 22:01:17 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 79187
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
21ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
24ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thesmokering.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 20:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 102D 0
19 B 29ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622143455&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622145664500&bpp=2&bdt=1985&idt=2&shv=r20210524&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd120c4253bcc0c5f-22da49274bc8002a%3AT%3D1622145663%3ART%3D1622145663%3AS%3DALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&psts=AGkb-H8Qnq3SP9fAkAIKRQpRfIxP8LAif2I-7Vmtji2ZGlo9W1XpsvSrbjeK8M4R-b4jT34u65k1p71qBRkVXA%2CAGkb-H9UmOS870cBLM4vFM2cBtpXvDRmjonegdcubBpB38uX4zXYOCibvVRHIKwX1tahUlCUc9lJ0N6jZcg&pvsid=3544152521038182&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=16

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9130166455821027&output=html&adk=1583717119&adf=1965533518&lmt=1622143455&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthesmokering.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622145664500&bpp=2&bdt=1985&idt=2&shv=r20210524&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd120c4253bcc0c5f-22da49274bc8002a%3AT%3D1622145663%3ART%3D1622145663%3AS%3DALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw&prev_fmts=728x90_as%2C160x600_as%2C160x600_as&nras=1&correlator=8618535918156&frm=20&pv=1&ga_vid=466621124.1622145663&ga_sid=1622145663&ga_hid=864602163&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31060975&oid=3&psts=AGkb-H8Qnq3SP9fAkAIKRQpRfIxP8LAif2I-7Vmtji2ZGlo9W1XpsvSrbjeK8M4R-b4jT34u65k1p71qBRkVXA%2CAGkb-H9UmOS870cBLM4vFM2cBtpXvDRmjonegdcubBpB38uX4zXYOCibvVRHIKwX1tahUlCUc9lJ0N6jZcg&pvsid=3544152521038182&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEsqO8XIUMs-BF_14GXtNtTqQT8a42baSXM5tL83xPZZ9H_GUaU-SMKMNfpmA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 20:01:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 20:01:04 GMT
cache-control: private

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 22CA 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 27 May 2021 19:38:04 GMT
expires: Fri, 27 May 2022 19:38:04 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1380
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4439 783 B
532 B 25ms
25ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

562866784c8c4e3f894e11c4753f68223dbfa22d9f0fd88056cf9273c6128d0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ekdN9bEd56REimP5ZB80pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://thesmokering.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://thesmokering.com/

Response headers

expires: Thu, 27 May 2021 20:01:04 GMT
date: Thu, 27 May 2021 20:01:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ekdN9bEd56REimP5ZB80pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 22CA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 78647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Thu, 26 May 2022 22:10:17 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=3544152521038182&bg=!sbKlsvbNAAaMan2LjGo7ACkAdvg8Wmx8wejJlwzp90Kb997Qejh9A7uYIUJjeCik6zfVHKB1cm0yVwIAAABOUgAAAApoAQcKAJMKg1go9p1g4pQZIhCpNx7TmqXfpHym7Ip9VOBd4uZM32JGexTRM-ljTWEy48kCjwAAQk_0wmUIJQ5aTJ8-qJM2lFR8lAU4Q2itkAsvHyhSexyXl7DY1dvviaTTZKMaOLCXcZ06Q6Dc9Ww67wPg0a1qoGksqU0Ha8gNlFxTzoaU-XRcvEBdVA5KvPMp5zW3YGYRQoGZAk7Yz9B6e-4bl31cfPSltDIkMcW122gmTjsS94g1dGCqxkVnettruk8sthHAzygS8G0yvWT07TZkSe3P8pu8mGi4rof8ZcClaIRVkSbAii44GsxOVB-x753gDm-YIPUQ-H1fjOnEC9Ki27vtytpDd45YGonADfdWD13kOo2kQgj6sxJdOI9kgLmFG-Qah6s6hCmPmpjxcwuZGy2yZRj2nmTNKNsrR1hwDJndoeMC0uCN5jRzkObWigtk5rli94DR5-lZWofWvSa72L3Q0pM0BZuZvkYE7-UpluquGFDtETxNXWkvhPVmjAEhnSpymxK_tCuooDIymcHbbxoD7DjZnAMgQPK3xghQ9cCVm2KIKHSj9_k45Mpw9I6Z0LcdCSuqc2m-Vw4a67crK7KPKZO869AImoHPW5egKJg5newgQgojrrNjhVGgl6YslgZrVGuq4gMfXIHjMWD4lHAbNeMDa5qRWEcNfXQkXruNEBmE8lFdqF89_lBH-bN3oKogv3a8TLIlpAoNspFlfh6fyS6Uop1EkcnXQmnBCGQzszfRxJYZp6dTAdT_AmytKDbnOXsX0mc1Osr5seLeogUzEeKQsT4DiZATbalwYYoYT-KTuhnVhyCbvwYb2zRsi0C7ih4wf-k2qrY7cIOkjzJTgQrsLAansYt7GEopweLqvNbYY9g4vzs1GelYjUynKdhaT0FowZBIVRk6Rya5VPFDy5fnsJr5axHfJJsKO5LQ--awauBvh_c9xoCQXx9CuKxJcfW5pjyv09NyFBiGX9o1Xj--SA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://thesmokering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 20:01:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9088 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCpX2GeLX4EQkDYfrUHXbm1ILc_vS51GZohI0FCgCk7oSxPbNTnVZFHQ2S7FJICHhgJ1dleaBgY35aYKkaK9GC63tmaTMQVkRB4RPEjbJyW0kAR60ytEc-Y0m9-Q&sai=AMfl-YT_82QR-IZqXLNl7THl9ugT4ZFxRdVvTccirqz755upCttgVVsQuyFUSzJWKNp05O32nEgBYmAy_n3w&sig=Cg0ArKJSzAFNHIdTeGfbEAE&id=lidar2&mcvt=1001&p=282,351,372,1079&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1945336083&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1622145663256&dlt=403&rpt=64&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 20:01:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9a11cb5a415ad65da55f8b35b289da2c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/ Frame B272 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/9a11cb5a415ad65da55f8b35b289da2c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9e72bf2c58cc297643e24822f3238196a90204c052fc0565509cad132ae7f9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 71464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2104
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Thu, 27 May 2021 00:10:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 May 2022 00:10:04 GMT

GET
H2 200 f8aedf500a8d6c701fb60826864d8f9a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/ Frame B272 8 KB
8 KB 9ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3275318306830398088/media/f8aedf500a8d6c701fb60826864d8f9a.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a4b6172f32ed69567128ecc5c9b5ff2d2493ac8eb04358c467fb98e64a7215

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 215957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:47:44 GMT
server: sffe
date: Tue, 25 May 2021 08:01:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 08:01:51 GMT

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:35:49	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 18:35:46	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 03:57:21	Name: IDE Value: AHWqTUkEsqO8XIUMs-BF_14GXtNtTqQT8a42baSXM5tL83xPZZ9H_GUaU-SMKMNfpmA
.thesmokering.com/	1970-01-20 03:57:21	Name: __gads Value: ID=d120c4253bcc0c5f-22da49274bc8002a:T=1622145663:RT=1622145663:S=ALNI_MZuq9OwTXEP7qQSYinZOi-d7uLtGw
thesmokering.com/	1969-12-31 23:59:59	Name: 78afeae11e579f59c717949c1d023159 Value: 3opfn4b610spbaci7iuvqq3kj7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
groups.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
thesmokering.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.thesmokering.com
142.250.185.130
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::8a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f132:83:face:b00c:0:25de
69.64.33.70
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
014a5a330356f54c97229892cd15e816d39fda883442930e13f39c7eb247ab91
028b02da0298a02e2e89381e51ff170eaa459a3f5ad14f4a05038ae3944165c2
03d34432f9a8d245c766530864c54eb38da44eddd8dba7d04b8b8642533aab6d
06068c0160add1cf259e7119e9b7c69192913f756a079bc8ea4cf9f36ca02e02
06ac68cce976de7ac4949b7ddc2cb54db66d00a9e018eb4ad122882a1a92b0c3
0a17318dcebcff96868ba5a8e58c6dc8cbc505abfd042190b66b0b116d037cee
0a90d4d9b02d6a4076a8461ac03e2cf81d07a4b550d44d43e7bcdb7722e8519f
0b6dc9c991ab220cd15c5fac9d15755e9025807cc19579bce39d9c8f36bb0ba0
0bebc26684519b54ae335b937fa0a1092b472b2c6824b06a58884f8318b92e40
0c358e451b20ae9558a97bff19e180d1c4efdc7bbde2863344db37b95b898433
0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a
12c49b8251759efdfda0bb5f904b1c3ccf50c48652f00257be09653bf576ca18
14a7a6d25b42a2604039dcabdfaa8ebe103ef83bc9e2b91d2921889680e555e4
17da9fa737a8dc84dc780804903c909eceea5fb18ced7e590ef8e8592b585dfc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1fe57d411bc5af39295a834ce631c4f71473f3d2e502df40838f51039b73b6c4
2e07588b1cc3328d0ab256ac9b295b3170d748e56cd8d939a3b145141d251960
2e7fd02690c2b3ac12a055a1d86ef18a7d3b2b6c85c5531146f0d230543f9d78
3ac369148d079f0d001ec6665651810a454c2caab0a512bd5aae4bdc1571aa0b
3bf09c4d2fa616dd1e2ec513f2f355b4f4e2ea39246d328bb60921038a0d793e
442368871e47a3423eaf02c59622206f5c097e35f22bd6c66b255b2855763542
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49bbe6dbdf1db5b651bb96c6d83da20a63b524958dc7e6c0c8ef066d0f295922
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
562866784c8c4e3f894e11c4753f68223dbfa22d9f0fd88056cf9273c6128d0a
56e1ae52992285272c02903e0b1f1e3f3fc1cda4715e62a1bad3f636d2a59d35
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
5c00a1e325581a6362af319e0bd70d8c02c88c35f6d3d155a9ef16fd66cd7dc3
62fe962bdb00167596ab51dcee33c75a62d9afaacf275de2a96d86de408d17bf
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68a102ca091150fd7fb1ea0c5cbff8d1318796c999a31f11beadcbf5f730ffff
6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
751c93befc1f1c6dbe3c6d302c25cbeee14a405b5a34b25f5b7366fb599f7c78
8277ada3d1ccd0b1f23a28587ba5c3346b4c6afa9d5a7b7d4c04e51c7b6cb086
840a17e11ca08c0b483f556b60e35a322f7ece30749430adf19f0657ddf9594c
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
8c642150e811f0535b30fd5435bde11f2362eb61ac2e4cfb8418fd6cb877221b
8c97cfb05def8a6ee856da0e7e3a9e9da8e431361152a06cfbfe4e270040abba
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8f4d7af81c8cb5a168613ff3717c9fb10f76ede965e2c5c9f1866fc97d90c8c4
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
92dfa39c819c8fa384420fd0e0d4f2b5b886dd691b1977cce5bd1cd77e3ae2a6
9906fdb0472cf2463c74b23d4c119212576a93f600b091bb55b8165038b85637
a269c49f5ba6ef75421455ea43f899e5109fdda5b24032c1d43d28ea827fe902
a48b07401f6f015117a64a8fdffb3d9bc047d65e4a6704bb39e53ebedf892789
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62852a6318a94ccc9346e48da6906e3fd66ce8d32a042e9fe028666e16f2874
a6a4b6172f32ed69567128ecc5c9b5ff2d2493ac8eb04358c467fb98e64a7215
a9b10b1c6bbe5e5d42e5942e0a4ae7801c915da700977fa4f6d3c10418787c90
aa05f44f0fbb235ea10db93843bb7471f6bb790850a9ca7fac84d2cba010b133
abb06a0b1c3e20d177c9487ed38d050957aff6039a3c6fa5dfe1e1b92425ec69
b1267dcc220bd472ae19df58959d2c036e2dec2bce1263e1b6ba201034b9e331
bf32d6602d2252d6fac88c8e2df30cac23ce51c3c2654e526757163efe8b9b43
c1c5fc7fbebb679b6afeebec0775d4a6ca1758b03de883f822375c70d79ebcfe
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c88189664b52efac0b21fb0b7eca62e131aecc86422278a34936b00e14f87e9e
ce512fcbd31a5d0fe52c9a39c50be1c97b9018de56cb7f83a4799b291c39868a
d09f54d072f2734fc8a3c27ab293e06a10f564a6ae5557d17972cf51d68e19af
d54cbcba275ce6a1b3091cc15a272425fdec0b55f4ebcf17d0574237eb880f3d
d55c65b246a876f75cce868400d9d8f54880cceaff2ea0aaeec5c2aa2731db05
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6b8457a43c1ac2ed656b2a65ee142c6e63db7fb07526efc2a5dd8c0c37e336d
ddf43ca5f1ddd28645a5d21dcb48da29ab5beef16b7ba84f882aa43bdf273f8d
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
dfacddb48c29b1e9dcfd45d5da5c15b692e2f45d7cdd2e5ac00cc51ecc06864d
e098e94ca8e718f23da27afa78279520420be91a8de2fe5a84039b9c84e8460f
e2e98876ea28211c939ec8659ebbc2349a8040ab6fe7798b2f1f9b9bf89e9099
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e721138ff40f67f784af31fa988ac90a72c7d4f64fc9670ce94c587927caa7ee
ea4d72087c0ce84e9f56d421a2b3332678b72757d6616bf64269d1fbb0475ca7
eabbf8979725c08a7ea1fa4e9593c90f2262bc7abff885a43c2fc3b7f9fbf9a1
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f096f07e076d84ac7a0f534eaf028ca2ddd4443647d9da4bad29b5dd0462acc6
f10c42a2b0dc0a3058c6c0b986125c1625ce4de4ad4e1f9e39e811ca971ce187
f120930dcb146720df85a8d7092e1565df9c54fcc37b7b9eb8350e2a755f82f5
f3148089ed8727c786141478e43f096a8ff06bce4141ce8aeabe9bfb662e1a4c
f9e72bf2c58cc297643e24822f3238196a90204c052fc0565509cad132ae7f9d
fb006755b2d123db10b3930cda8234ec7bb37a1f3540f17eb1638070309b28a4
fe5c86cb0d38a52f8d11e29d40731ba97f883ef241cbfa8bf96eaa3b02dd82cd

thesmokering.com Open in urlscan Pro 69.64.33.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

110 Requests

60 %HTTPS

91 %IPv6

11 Domains

18 Subdomains

22 IPs

4 Countries

3315 kBTransfer

4707 kBSize

5 Cookies

5 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

thesmokering.com Open in urlscan Pro
69.64.33.70 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

60 %
HTTPS

91 %
IPv6

11
Domains

18
Subdomains

22
IPs

4
Countries

3315 kB
Transfer

4707 kB
Size

5
Cookies

110 HTTP transactions
2 data transactions