urlscan.io logo urlscan.io
SecurityTrails logo

imgtr.ee Open in urlscan Pro
2606:4700:3032::6815:2c59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://imgtr.ee/
Effective URL: https://imgtr.ee/
Submission: On May 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3032::6815:2c59, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgtr.ee. The Cisco Umbrella rank of the primary domain is 388800.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time imgtr.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    2606:4700:3032::6815:2c59 (United States)

ASN13335 (CLOUDFLARENET, US)
imgtr.ee
6    2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:3031::6815:5a3e (United States)

ASN13335 (CLOUDFLARENET, US)
kultfilmler.com
1    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c07::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2607:f8b0:4004:c07::84 (None, )

ASN- ()
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
16 imgtr.ee
imgtr.ee — Cisco Umbrella Rank: 388800
525 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
www.google.com Failed
70 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com
296 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
294 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
1 kultfilmler.com
kultfilmler.com
1 KB
44 7
Domain Requested by
16 imgtr.ee 1 redirects imgtr.ee
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 pagead2.googlesyndication.com imgtr.ee
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
1 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.googletagmanager.com imgtr.ee
1 kultfilmler.com imgtr.ee
0 www.google.com Failed tpc.googlesyndication.com
44 9
Subject Issuer Validity Valid
imgtr.ee
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
kultfilmler.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://imgtr.ee/
Frame ID: EEE49061EBE39BD7F346C02C6FD213F0
Requests: 35 HTTP requests in this frame

Frame: https://imgtr.ee/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 1CC3F08C7F1A3D88CD1A8132DB94248E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: E049D7C43E9FAD5C0E29C1EAF586550E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4827553507118966&output=html&adk=3895348141&adf=3876334049&abgtt=6&lmt=1715789339&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fimgtr.ee%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715789338762&bpp=3&bdt=1386&idt=901&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6670348094660&frm=20&pv=2&ga_vid=2072654610.1715789339&ga_sid=1715789340&ga_hid=1507607692&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083586%2C95331982%2C31083689%2C95331712%2C95332415&oid=2&pvsid=1363703919772224&tmod=634947456&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=950
Frame ID: 3502644AB73EC06D9DB3123E1209743E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4827553507118966&output=html&h=280&slotname=7411249171&adk=1940469453&adf=3608573854&pi=t.ma~as.7411249171&w=336&abgtt=6&lmt=1715789339&format=336x280&url=https%3A%2F%2Fimgtr.ee%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715789338765&bpp=1&bdt=1389&idt=962&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6670348094660&frm=20&pv=1&ga_vid=2072654610.1715789339&ga_sid=1715789340&ga_hid=1507607692&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083586%2C95331982%2C31083689%2C95331712%2C95332415&oid=2&pvsid=1363703919772224&tmod=634947456&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=974
Frame ID: 05888F66FB83B5CF48E3A1C48E778444
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 48897E42EA90EFFAF08C886D39B66353
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 616776254504D7501341471BE843B4C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84971FB7971DD85228B0E96EE14544B7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 335BFBA1A973CFCA484E12CC49099C17
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IMGTR - Fast & Easy Upload Image – Image Hosting

Page URL History Show full URLs

  1. http://imgtr.ee/ HTTP 307
    https://imgtr.ee/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

93 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

9
IPs

1
Countries

992 kB
Transfer

2522 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://imgtr.ee/ HTTP 307
    https://imgtr.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://imgtr.ee/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://imgtr.ee/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
imgtr.ee/
Redirect Chain
  • http://imgtr.ee/
  • https://imgtr.ee/
78 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Chevereto 4
Resource Hash
dd597a15ecaa2c1ec3fbd4dbe9f430fe66d5749fc93704481ec84aedf574d880
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
884463bb899f36d3-YYZ
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 16:08:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
pragma
no-cache
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FBghqI7wXSwAqVugCdc1vY9SlU81sAFJdLtKxP9PVTYCBhb6U59xgc8ZGAGMJ58h4ZAmk3RAnzREnBZrwJzSgsp10Cd53K6hsr%2F%2FL%2Bg15eO2idIb7mHVDhMPCFCZDNNH6tuLRzlfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-powered-by
Chevereto 4
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Location
https://imgtr.ee/
Non-Authoritative-Reason
HttpsUpgrades
peafowl.min.css
imgtr.ee/content/legacy/themes/Peafowl/lib/ 		93 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/peafowl.min.css?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de70fd7e8435be676814025cd583055a0643006f389b73fa8ef53fbc5687f636

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 27 Jun 2023 14:02:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649aebdc-17447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qudxd3mHk7pnkIRaxh0jrasFpz%2FZ9ngnM1hHx%2BOPmMd4KIRLG1OHYBmyc7aG2xT5EQIUBpQ4cQX7W9RpFaMjmbD9XbXpSFzZf25uwvoQkIoUgpj8aQiNvBh706sSue1MzYzUBd5T0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463bedd0036d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
imgtr.ee/content/legacy/themes/Peafowl/ 		39 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/style.min.css?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa23b6fa1d3338264d096521459b2ecde826693ed9916519cf958301b98f6898

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 27 Jun 2023 13:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649aeac8-9c70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGkW8Y24pg%2BbLNHVGAKUf8JGj7K9VidWgW5H3YuThWBisCvlldj0HvisJsXdSZuXV%2FtT8IG8TJ3pa1TuEpwVJMkO2ehrsEHWi1r%2BYWg6PlBTiV4mvoK8Zozua9A%2BLkAZtWblqsNxtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463bedd0236d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.min.css
imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/ 		99 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/all.min.css?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 27 Jun 2023 14:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649af7f0-18d98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLvdaOZu2iRNNqjTVrlC%2FLrpL9oJSJuTIrmg9%2FlaW6JhDDQnBPNo9SdP18x3pbx77xwBP9G%2B43im2V932%2B6UG%2FjBh%2BZLS83P%2FIFnDxDWTedKSbik2VjbEZtpPLW4jkoUSoA1QjlXGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463bedd0336d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4827553507118966
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49473148a12d954ca23dc3c3c4b458c5314351fc701759fc6854a4c08ec17ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://imgtr.ee
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51851
x-xss-protection
0
server
cafe
etag
7815572474990339447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 15 May 2024 16:08:58 GMT
reklam.js
kultfilmler.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kultfilmler.com/reklam.js
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d652be73a52eaf43e9090684e86f711531d8495f7567720a45ab0f77ef8012f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 03:13:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1371
etag
W/"6642d6e2-8f2"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WyJqSR5Ocvn2CcQX%2F6P%2Bu75UW%2BOHmkD%2FLLYE4b58eRlz%2BAhGeaFOLOEfLR3tvHqrPJSDruJZG4oJD1L72DnQstPceepmZTTxYjQeAJ0nCrX4w3i65rAE8jXJoMfsLwdB3ZFPNsOEGng2A%2Bj7Z6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
884463c12c9eac40-YYZ
alt-svc
h3=":443"; ma=86400
logo_1687990521132_9e6075.svg
imgtr.ee/content/images/system/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgtr.ee/content/images/system/logo_1687990521132_9e6075.svg
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3d6e1815ccfe82c473dcd9d45b78b8dac5a64f1e9c7d0c3f070b0cf205d84b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680168
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Jun 2023 22:15:21 GMT
server
cloudflare
etag
W/"649cb0f9-ecb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNnD8tnRUkf540cqha5keOMbpuDiO%2Fw2m5ixKGjIza8N4kIUjBzQgjZkGLpb1FkCNUOYpKkUlQTiDdFux%2BqXiODCE0424aB%2FjG57ijYLEnjFdzI5RHLTRhprm3He6A2mjF0wjg7kYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463bedd0536d3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.min.js
imgtr.ee/content/legacy/themes/Peafowl/lib/js/ 		248 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/js/scripts.min.js?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 27 Jun 2023 14:36:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649af409-3de92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fp96AQeQ%2BxdHP%2F9dm3MyupvYh8%2B6vez7MOHFbY1quS4S2jGCF0N45zBORsDg53jbo%2Fbv117NJ5IW0haPs4tKBZg6yaNmUj1fU2%2Fz7DbUgfiji5DJu1rdzuu4oc99SKECiAgg%2B7UEww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463c2a94736d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
peafowl.min.js
imgtr.ee/content/legacy/themes/Peafowl/lib/ 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/peafowl.min.js?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4c3ebca582599f5971048905723fede81c271d77271b75aaa607fc744b5cbd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 29 Jun 2023 13:01:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649d8092-268a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYLNfSSknT8ru%2Fv59rxqI1G4LLIYKveyETzidG6%2BpEaZuu3%2F02sKmp5xl2K%2BvPXmVEFpnx5xAZnF22mj%2FO38UTBY3NEEc9zoJS8rgs8CfLpEpN1f7jD7XeYhMDTSyTQqD1nYuO0mGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463c2c95c36d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
chevereto.min.js
imgtr.ee/content/legacy/themes/Peafowl/lib/ 		153 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/chevereto.min.js?6a1b4107815badbaae88384a7a2fb60b
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6d3ee4b6b51f33748edee35979da5b67b42415c5fa1fb241a62867f476f9da

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 29 Jun 2023 13:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649d8916-26594"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ko3Ck6KhxGlULrUT6N%2B%2FIKxV7Tx4ltFwyvKzEe36qr7lK3erL65t7iDxNLJ%2FgC6bui2VcJU47HH8tQQmYUlh2P%2BkHzF%2FiaIar18mE9%2FwTLVJJZ2gJKircEwNXoT%2FZfD0DqrxPpEPnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463c2c95d36d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4QD3TNDKND
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4875c21d3d0b03080b27c69d30371005de3bca3e379055dc02ec650e62a3de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102259
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 16:08:58 GMT
fa-solid-900.woff2
imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/webfonts/ 		147 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/webfonts/fa-solid-900.woff2
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/all.min.css?6a1b4107815badbaae88384a7a2fb60b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/all.min.css?6a1b4107815badbaae88384a7a2fb60b
Origin
https://imgtr.ee
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378828
alt-svc
h3=":443"; ma=86400
content-length
150472
last-modified
Tue, 27 Jun 2023 14:53:39 GMT
server
cloudflare
etag
"649af7f3-24bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLgqfqLK8PvXdoXGsKGBhVpj7%2FhVqR0JDsfREq1xFt1BliUbXQwyfSYkJkE00pYHVJqTHnw2tUEE1bFsfhkvyiNTy2jGhAkOiVHo58pXQpP6aNCJkf3n4SJyi6EU3EVXhuQ62RerNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
884463c319b936d3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-regular-400.woff2
imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/webfonts/fa-regular-400.woff2
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/all.min.css?6a1b4107815badbaae88384a7a2fb60b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe69d94841462d397faeff253ee09a6dc7941be931f942a55e6b9def8f3b048d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/content/legacy/themes/Peafowl/lib/font-awesome-6/css/all.min.css?6a1b4107815badbaae88384a7a2fb60b
Origin
https://imgtr.ee
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
649235
alt-svc
h3=":443"; ma=86400
content-length
25096
last-modified
Tue, 27 Jun 2023 14:53:39 GMT
server
cloudflare
etag
"649af7f3-6208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLrAqmd7kfxfPFvDgQnu69DpfbOdaPm6wAoevG58aHlNGm0Fzq02zCRmyqdM0KfrbyzOUZnhInDvYk2oPmvwUoWd770pim7mY%2FRbqq341MND2oKDP%2BPgMYXlZP86gXAJuCQ7r4stzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
884463c319bc36d3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
imgtr.ee/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 1CC3
Redirect Chain
  • https://imgtr.ee/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://imgtr.ee/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f985df9bf12fa6860b71c38caeee989f4fbdbd6e70612f40f8c13e5a8b9260
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 16:08:58 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILTHSRbss3IzljzQGyNjepuLYKAuKdnzCfEaEahyNQCmeaygM3mOFHm5A%2FnWf9h1PPekhmjDXLpQo2vmmdXl2hyDjLHZPEAiGqulP39cEa2XhNm1m9rC8JalULw5nU7DebQGfpBhfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
884463c7ef5936d3-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 15 May 2024 16:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FjOzYF02BltZENWLWBAnmtY0HQj3HxfzGUAz5vu5%2FxzgPIN1BnQqIcMKdzQrs4fMtcdY5F%2FIVjA43z1r2Zfh2wnAOVCUagnS0eQR49VWDKZ3QN0lo3oL%2F2ktSiJ00703Ruq1ZiLZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
884463c73e8a36d3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
home_cover.jpg
imgtr.ee/content/images/system/default/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgtr.ee/content/images/system/default/home_cover.jpg
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9d1b6a99839fb7367ad76c1d6dd6f0cdebec9c31d0a68607a110c83e4007e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:59 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Jun 2023 13:57:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649aeac6-1aa88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R82Q4iij1aU3UiZ5AS0%2FA%2FrmCVPm%2Fqn6DTSgZGP5W%2FqJuetOI7DHIWH7UM2d8q4Uk4DkA89V3qSAjBAcljU5XgKIUT8jnJCd0A8KAlIFruCU7a35IAaAb5vnBySYSWI8g9POOxMeDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463c74e9b36d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4827553507118966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7ee253e82dc7406cea6beab25fd9355d6c60c81c8aa530250bfccdbe6124e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143538
x-xss-protection
0
server
cafe
etag
15258475098403736661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 May 2024 16:08:59 GMT
collect
www.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4QD3TNDKND&gtm=45je45d0v9131936344za200&_p=1715789338006&gcd=13l3l3l3l1&npa=0&dma=0&cid=2072654610.1715789339&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715789338&sct=1&seg=0&dl=https%3A%2F%2Fimgtr.ee%2F&dt=IMGTR%20-%20Fast%20%26%20Easy%20Upload%20Image%20%E2%80%93%20Image%20Hosting&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2278
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QD3TNDKND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 16:08:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://imgtr.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
884463bb899f36d3
imgtr.ee/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1CC3 		0
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/cdn-cgi/challenge-platform/h/g/jsd/r/884463bb899f36d3
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 15 May 2024 16:08:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GuS%2F81PZcNRXp7JA0QJCgISHLmTn55ARJJ%2FNFtGrMuRSOO8V3bSJPAwPTj85FXgPpI8pqmFaQqpHcKye6dxM2UjHcGOW0jjOHU8unER49PJjOO6NYP8R1ATMuTtaXTeDrHQeRgL6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
884463c938e236d3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/ Frame E049 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 14:06:27 GMT
etag
5035419970550746386
expires
Wed, 29 May 2024 14:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3502 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4827553507118966&output=html&adk=3895348141&adf=3876334049&abgtt=6&lmt=1715789339&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fimgtr.ee%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715789338762&bpp=3&bdt=1386&idt=901&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6670348094660&frm=20&pv=2&ga_vid=2072654610.1715789339&ga_sid=1715789340&ga_hid=1507607692&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083586%2C95331982%2C31083689%2C95331712%2C95332415&oid=2&pvsid=1363703919772224&tmod=634947456&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=950
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75270
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 16:09:01 GMT
expires
Wed, 15 May 2024 16:09:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=top-bar&cls=top-bar%20top-bar--main&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: imgtr.ee
URL: https://imgtr.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 16:08:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0588 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4827553507118966&output=html&h=280&slotname=7411249171&adk=1940469453&adf=3608573854&pi=t.ma~as.7411249171&w=336&abgtt=6&lmt=1715789339&format=336x280&url=https%3A%2F%2Fimgtr.ee%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715789338765&bpp=1&bdt=1389&idt=962&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6670348094660&frm=20&pv=1&ga_vid=2072654610.1715789339&ga_sid=1715789340&ga_hid=1507607692&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083586%2C95331982%2C31083689%2C95331712%2C95332415&oid=2&pvsid=1363703919772224&tmod=634947456&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=974
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43291
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 16:09:00 GMT
expires
Wed, 15 May 2024 16:09:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/reactive_library_fy2021.js?bust=31083689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731ce774b143557c51e3d92635403e63048378bba036f686099eb0e108a7aff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57667
x-xss-protection
0
server
cafe
etag
10279884458365282558
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 May 2024 16:09:01 GMT
ca-pub-4827553507118966
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4827553507118966?href=https%3A%2F%2Fimgtr.ee&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4dfb7fe37e9a1b37579c94dec2bf7f7bbae267a6c114bc9903ddea78f817133
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4qnF4jz9VAIJ7WumbrrQsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4qnF4jz9VAIJ7WumbrrQsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7FfZP0HxELcHPP2TN7EJvBj5xQTJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0NjPQOj-AIDADv-Qtc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWgKwMIWJVyW8nKBbZjGdL3oFLKJzqTU-nx1KRRtIPPWBtAfWXGL-eTal9q93RjF-tcd4uVx23zpEJFlYfOWpX1j1WwbWiyDJNMT1_AA7Y2ONOaU6PM6-zGtUCKzufb8GQ6-BzXNg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWgKwMIWJVyW8nKBbZjGdL3oFLKJzqTU-nx1KRRtIPPWBtAfWXGL-eTal9q93RjF-tcd4uVx23zpEJFlYfOWpX1j1WwbWiyDJNMT1_AA7Y2ONOaU6PM6-zGtUCKzufb8GQ6-BzXNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1Nzg5MzQyLDMyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pbWd0ci5lZS8iLG51bGwsW1s4LCJmRzNoV1oxNTBZUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c966ef0b9a560a0585ee49d1bdafce8af8370fb1a4acfc2dcc290fc8f68c525b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ngmi1uRGkcncGS7v5wlTGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ngmi1uRGkcncGS7v5wlTGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw05BiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmdSAOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAnPTvPGsBEO9cfIH1IBCvOnKBdRMQt3--wDoViL-xX2T9B8RCPBzz9kzexCawY9aePYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgamhsZ6BkbxBQYApEpIOw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/ Frame 4889 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 14:06:27 GMT
etag
5035419970550746386
expires
Wed, 29 May 2024 14:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/ Frame 6167 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 14:06:27 GMT
etag
5035419970550746386
expires
Wed, 29 May 2024 14:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxU69guSsN2bMccgS5f1qd3FQNTiwje5_NPNs4QjiSyDL4ubPaDcZJzgs8m6P7MqOG83oQNpQCf_SsFMUBkbBK_DAKOdlUp1cAzKMinZNISU5SEe8mh9Emr1meP173NcdUo--rGscg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU69guSsN2bMccgS5f1qd3FQNTiwje5_NPNs4QjiSyDL4ubPaDcZJzgs8m6P7MqOG83oQNpQCf_SsFMUBkbBK_DAKOdlUp1cAzKMinZNISU5SEe8mh9Emr1meP173NcdUo--rGscg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1Nzg5MzQyLDQ4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaW1ndHIuZWUvIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a2d584502bac22f11200dc6d4090e7cf39d0188a2b56498b6276410da7a5712
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ztKZjK_n4AmL1oyJl4eQZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-ztKZjK_n4AmL1oyJl4eQZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxEI8HPP2TN7EJnBi2e7pTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGxnoGRvEFBgB9z0Mk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsame1..initdoubleclickadselementcontent
fundingchoicesmessages.google.com/f/AGSKWxU4czRppO1feJla9jrGjIgOoRbC3sJYdXXCLNE91JCQLomYtzkx9jatyyMTuorEaTHwusMfaryDzzT76nuTr-Z2aW0DlKGboCpLq-FTZjn8nhRdD26-ZRPyGEYjnyQHRVlDbo8sagH9IJB7Hl1Dyx4R8r0DK... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU4czRppO1feJla9jrGjIgOoRbC3sJYdXXCLNE91JCQLomYtzkx9jatyyMTuorEaTHwusMfaryDzzT76nuTr-Z2aW0DlKGboCpLq-FTZjn8nhRdD26-ZRPyGEYjnyQHRVlDbo8sagH9IJB7Hl1Dyx4R8r0DKyp00ipYQyDVgo9AOIRRQiyPyQKf2jE9/_/adgenerator./728x90./uploads/xadv_/adsame1..initdoubleclickadselementcontent?
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZzRiEC_9ANqcycQujqiC6-A2jpQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53efb9ac0ac48270f2bd9cf6e661807b4c81931f812ab7778220b28825376879
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ywu7o_AbtnAWmQBvOQtu3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-ywu7o_AbtnAWmQBvOQtu3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxEI8HPP3TN7EJvDhypttjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGxnoGRvEFBgCUskO_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZzRiEC_9ANqcycQujqiC6-A2jpQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
2064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30705
x-xss-protection
0
server
cafe
etag
11611672620318507410
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 15 May 2024 16:34:39 GMT
AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dkm1nKcOujoY2zTBPmZdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dkm1nKcOujoY2zTBPmZdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoExEI8HPP3TN7EJnDh1vl_TEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0ETPwDS-wAAA24QjCw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://imgtr.ee
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cacLO8LYZW72qgrw7zCXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-cacLO8LYZW72qgrw7zCXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw15BicEqfwRoExEI8HPP3TN7EJvBh0uz_TEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0ETPwDS-wAAAwGgirQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://imgtr.ee
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QnUsnl_4qFJ4GXVaxedonA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-QnUsnl_4qFJ4GXVaxedonA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoExEI8HPP3TN7EJrBh_7wGZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKJnYBpfYAAAl1QiHQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://imgtr.ee
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ps0oopdrpBjPzQrdVqHZ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ps0oopdrpBjPzQrdVqHZ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoExEI8HPP3TN7EJrChq62BWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGJgamugZmMYXGAAAgwoh1Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://imgtr.ee
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUVDXVeqlzjJDLhUAaSBi-1pKUkXmCKeleOEp5tPoVKRCuwRB5m-TkgMR5hRbXCqTGcdx8Vc3wQsO6A4apmeVkdSiBFeYk1flcPPX_AQ3b7DgsPUXLYVFg0_B1LQMZL3zoEuFgaXQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUVDXVeqlzjJDLhUAaSBi-1pKUkXmCKeleOEp5tPoVKRCuwRB5m-TkgMR5hRbXCqTGcdx8Vc3wQsO6A4apmeVkdSiBFeYk1flcPPX_AQ3b7DgsPUXLYVFg0_B1LQMZL3zoEuFgaXQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1Nzg5MzQzLDYyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pbWd0ci5lZS8iLG51bGwsW1s4LCJmRzNoV1oxNTBZUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58360cf5b0e5850f9faacdb4be3f03e80c9b509626598595ee521d43e803433d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-b_G6KtBzTLro72GK_HXCPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-b_G6KtBzTLro72GK_HXCPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxEI8HPP3TN7EJrBj3_fTTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGxnoGRvEFBgCP1EOY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX3DSdtAzZvi4TwYw_caSAAszL60UoqSG4RVXwaNw8q8bUAc5Av3I5WIZ5j7aU1iPUZDcRdBIFiEUFX1BYWbYyLV8mpBTaeOIiGJBzt6YTjPz1pJpAc9GozEx7a4BgcLITjqa-7og==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX3DSdtAzZvi4TwYw_caSAAszL60UoqSG4RVXwaNw8q8bUAc5Av3I5WIZ5j7aU1iPUZDcRdBIFiEUFX1BYWbYyLV8mpBTaeOIiGJBzt6YTjPz1pJpAc9GozEx7a4BgcLITjqa-7og==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dBJeUEnl265ovMldt7gDPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dBJeUEnl265ovMldt7gDPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoExEI8HPP3TN7EJnBj5cteZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKJnYBpfYAAAs9sigg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://imgtr.ee
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXv7mXdsD5M-2RkSzUR5OirROjQrLVhULQM25V1UhSva1WovRux8sn56LWrRCepQLdz-MffJsxGXF1BBRulPkh3ODNMSKngPBddNi2VkaUJQPZW7KkP70_9qZLYTEFkqq40ZY3OBQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I1es1ujN86apYMRsIzqwDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-I1es1ujN86apYMRsIzqwDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoExEI8HPP3TN7EJtCwbVkfs5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1NNEzMI0vMAAAi8Ih9w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://imgtr.ee
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240513&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f3eda54b9fb35a51a5dac655046fe90f137567161fa280029665825820f97ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12229
x-xss-protection
0
favicon_1687915758390_e1eac6.png
imgtr.ee/content/images/system/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/images/system/favicon_1687915758390_e1eac6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52d46f1ec1dd2a3e1f6258d3d24ba364ea5f569c6513ed2a02c5ae8592011d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 01:29:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
668145
etag
W/"649b8cee-20e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDaCexU4bwFGYaddL6OLj5J72ncr2IOc4oZCmtmMcHXcWv3HMuNrFdBAIOAEGAWhS6YBpf8zfMMNObWgugfxS8Op%2By4yOpLzZPrjGLHqh7kFQXT3%2Ba9JNHYbWuzwRsQe6HTzSd8FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463e6db0836d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4QD3TNDKND&gtm=45je45d0v9131936344za200&_p=1715789338006&gcd=13l3l3l3l1&npa=0&dma=0&cid=2072654610.1715789339&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715789338&sct=1&seg=0&dl=https%3A%2F%2Fimgtr.ee%2F&dt=IMGTR%20-%20Fast%20%26%20Easy%20Upload%20Image%20%E2%80%93%20Image%20Hosting&en=scroll&epn.percent_scrolled=90&_et=6&tfd=7286
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QD3TNDKND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 16:09:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://imgtr.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon_1687915758390_e1eac6.png
imgtr.ee/content/images/system/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://imgtr.ee/content/images/system/favicon_1687915758390_e1eac6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2c59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52d46f1ec1dd2a3e1f6258d3d24ba364ea5f569c6513ed2a02c5ae8592011d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://imgtr.ee/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:03 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 01:29:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
668145
etag
W/"649b8cee-20e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDaCexU4bwFGYaddL6OLj5J72ncr2IOc4oZCmtmMcHXcWv3HMuNrFdBAIOAEGAWhS6YBpf8zfMMNObWgugfxS8Op%2By4yOpLzZPrjGLHqh7kFQXT3%2Ba9JNHYbWuzwRsQe6HTzSd8FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
884463e6db0836d3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 May 2024 16:09:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8497 		0
0
aframe
www.google.com/recaptcha/api2/ Frame 335B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| devices function| window_to_device function| jQueryLoaded object| readyQ object| bindReadyQ function| jQuery function| $ object| degisken string| rand boolean| puShown function| doOpen function| setCookie function| getCookie function| initPu function| checkTarget function| preventParentHeight object| adsbygoogle object| CHEVERETO function| gtag object| dataLayer function| is_browser function| get_browser function| get_browser_version function| get_browser_os object| BrowserDetect object| html5 object| Modernizr function| yepnope function| is_chrome function| is_ie function| is_firefox function| is_safari function| is_opera function| is_windows function| is_osx function| is_ios function| is_linux function| Cookies function| Hammer function| MagicGrid function| sprintf function| testPassword object| PF number| width function| EvEmitter function| imagesLoaded function| loadImage object| jQuery110203743525276621973 function| Spinner function| SparkMD5 object| CHV object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjIzYzhlMGM1YzY5NGU5MGxvYWRlcl9qcw== string| ZjIzYzhlMGM1YzY5NGU5MGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

9 Cookies

Domain/Path Name / Value
imgtr.ee/ Name: PHPSESSID
Value: 016q8300bhku61tr4uommi5f1p
.imgtr.ee/ Name: _ga
Value: GA1.1.2072654610.1715789339
.imgtr.ee/ Name: _ga_4QD3TNDKND
Value: GS1.1.1715789338.1.0.1715789338.0.0.0
.imgtr.ee/ Name: cf_clearance
Value: peYce0V8ymc5ioWDkTJ1OHO9wsfTIZHiOBCmkz4ybX8-1715789339-1.0.1.1-r.IiTpdGb985fgTgfoHH62jAAKNELTy26ij1C5FvxQY0dngRZVjUQrFA1RYvLQCM8mwxwyGPMeLhIAWI08UmCw
.imgtr.ee/ Name: __gads
Value: ID=3ea5e8061193de4b:T=1715789340:RT=1715789340:S=ALNI_Mapp0fwH3heBJOnmhpUeH3Hsti_Mw
.imgtr.ee/ Name: __gpi
Value: UID=00000dad7100b63a:T=1715789340:RT=1715789340:S=ALNI_MY5KZXOLq0g9TOvx6fvsvgju2KKfA
.imgtr.ee/ Name: __eoi
Value: ID=a78835eaa5fece50:T=1715789340:RT=1715789340:S=AA-AfjaHSRUt2uMQQCVW6qc6zu0q
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUn3fLfpGtUr6DGpMJ-18oN9u3UUV7oVcWlxY3J9UarY_shtVPFQQghhrv1Tqvs

17 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://imgtr.ee/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imgtr.ee
kultfilmler.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
tpc.googlesyndication.com
www.google.com
2606:4700:3031::6815:5a3e
2606:4700:3032::6815:2c59
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::8a
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9b
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
1a2d584502bac22f11200dc6d4090e7cf39d0188a2b56498b6276410da7a5712
2d9d1b6a99839fb7367ad76c1d6dd6f0cdebec9c31d0a68607a110c83e4007e2
2f3d6e1815ccfe82c473dcd9d45b78b8dac5a64f1e9c7d0c3f070b0cf205d84b
3a4c3ebca582599f5971048905723fede81c271d77271b75aaa607fc744b5cbd
49473148a12d954ca23dc3c3c4b458c5314351fc701759fc6854a4c08ec17ec5
4d6d3ee4b6b51f33748edee35979da5b67b42415c5fa1fb241a62867f476f9da
53efb9ac0ac48270f2bd9cf6e661807b4c81931f812ab7778220b28825376879
58360cf5b0e5850f9faacdb4be3f03e80c9b509626598595ee521d43e803433d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f985df9bf12fa6860b71c38caeee989f4fbdbd6e70612f40f8c13e5a8b9260
731ce774b143557c51e3d92635403e63048378bba036f686099eb0e108a7aff4
87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7
8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692
8f7ee253e82dc7406cea6beab25fd9355d6c60c81c8aa530250bfccdbe6124e8
9f3eda54b9fb35a51a5dac655046fe90f137567161fa280029665825820f97ac
aa23b6fa1d3338264d096521459b2ecde826693ed9916519cf958301b98f6898
b4dfb7fe37e9a1b37579c94dec2bf7f7bbae267a6c114bc9903ddea78f817133
c4875c21d3d0b03080b27c69d30371005de3bca3e379055dc02ec650e62a3de0
c966ef0b9a560a0585ee49d1bdafce8af8370fb1a4acfc2dcc290fc8f68c525b
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d652be73a52eaf43e9090684e86f711531d8495f7567720a45ab0f77ef8012f4
dd597a15ecaa2c1ec3fbd4dbe9f430fe66d5749fc93704481ec84aedf574d880
de70fd7e8435be676814025cd583055a0643006f389b73fa8ef53fbc5687f636
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f52d46f1ec1dd2a3e1f6258d3d24ba364ea5f569c6513ed2a02c5ae8592011d1
fe69d94841462d397faeff253ee09a6dc7941be931f942a55e6b9def8f3b048d