cookad.net Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shrs.link/NycQRb
Effective URL:
https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Submission: On August 26 via manual (August 26th 2024, 3:50:54 pm UTC) from IN — Scanned from NL

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 100 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cookad.net.
TLS certificate: Issued by WE1 on August 9th 2024. Valid for: 3 months.

This is the only time cookad.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	172.67.156.180 172.67.156.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4cc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	172.67.147.50 172.67.147.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.141.86 172.67.141.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
100	29

3 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shrs.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.shrslink.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.156.180 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shareus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

redirectshareus.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.shareusads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.shrslink.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4cc3 (United States)

ASN13335 (CLOUDFLARENET, US)

mercury.phonepe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.147.50 (United States)

ASN13335 (CLOUDFLARENET, US)

api.refershareus.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

shareus-cache.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api.shrslink.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.141.86 (United States)

ASN13335 (CLOUDFLARENET, US)

injectshrslinkblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidanalytics.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cookad.net cookad.net	102 KB
14	refershareus.xyz api.refershareus.xyz — Cisco Umbrella Rank: 115540	15 KB
12	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 trc.taboola.com — Cisco Umbrella Rank: 1123 trc-events.taboola.com — Cisco Umbrella Rank: 3272 vidanalytics.taboola.com — Cisco Umbrella Rank: 3613	426 KB
11	shareus.io 1 redirects shareus.io — Cisco Umbrella Rank: 433760	620 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	114 KB
6	gstatic.com fonts.gstatic.com	108 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	361 KB
4	shrslink.xyz api.shrslink.xyz	2 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	156 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 3877	15 KB
2	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	19 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	14 KB
2	shareusads.com securepubads.shareusads.com — Cisco Umbrella Rank: 112098	18 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	201 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 553	431 B
1	injectshrslinkblog.com injectshrslinkblog.com	5 KB
1	web.app shareus-cache.web.app	960 B
1	phonepe.com mercury.phonepe.com — Cisco Umbrella Rank: 507207
1	redirectshareus.xyz redirectshareus.xyz	982 B
1	shrs.link 1 redirects shrs.link	900 B
100	22

	Domain	Requested by
15	cookad.net	cookad.net
14	api.refershareus.xyz	securepubads.shareusads.com cookad.net
11	shareus.io	1 redirects redirectshareus.xyz shareus.io
6	pagead2.googlesyndication.com	shareus.io cookad.net securepubads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	trc-events.taboola.com	cdn.taboola.com
5	cdn.taboola.com	cookad.net cdn.taboola.com
5	securepubads.g.doubleclick.net	shareus.io securepubads.g.doubleclick.net cookad.net
4	api.shrslink.xyz	shareus.io cookad.net
4	unpkg.com	2 redirects shareus.io cookad.net
3	challenges.cloudflare.com	1 redirects shareus.io challenges.cloudflare.com
2	6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	securepubads.shareusads.com
2	securepubads.shareusads.com	shareus.io cookad.net
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	shareus.io cookad.net
2	www.googletagmanager.com	shareus.io cookad.net
1	vidanalytics.taboola.com	cdn.taboola.com
1	trc.taboola.com	cdn.taboola.com
1	tpc.googlesyndication.com	ep2.adtrafficquality.google
1	ep2.adtrafficquality.google	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	gum.criteo.com	cdn.taboola.com
1	injectshrslinkblog.com	cookad.net
1	shareus-cache.web.app	shareus.io
1	mercury.phonepe.com	shareus.io
1	redirectshareus.xyz	shareus.io
1	shrs.link	1 redirects
100	28

This site contains no links.

Subject Issuer	Validity	Valid
shareus.io WE1	`2024-08-03` - `2024-11-01`	3 months	crt.sh
redirectshareus.xyz WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.phonepe.com Go Daddy Secure Certificate Authority - G2	`2024-07-08` - `2025-07-08`	a year	crt.sh
shareusads.com WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
shrslink.xyz WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
refershareus.xyz WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
web.app WR4	`2024-07-26` - `2024-10-24`	3 months	crt.sh
challenges.cloudflare.com E5	`2024-07-17` - `2024-10-15`	3 months	crt.sh
cookad.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
injectshrslinkblog.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
adtrafficquality.google WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Frame ID: 5F014AE033711A6F38F9EC60B1B05D05
Requests: 90 HTTP requests in this frame

Frame: https://shareus.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: 5DDB47FA94781E2924016E308B8D5466
Requests: 2 HTTP requests in this frame

Frame: https://mercury.phonepe.com/transact/prefetch
Frame ID: E570C7BA274D549A91C360E01546F11A
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wx62p/2x00000000000000000000AB/auto/fbE/normal/auto/
Frame ID: 86643F40BC4ACF0B11571537CF380493
Requests: 1 HTTP requests in this frame

Frame: https://6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC7D90C6A89EC932E2F2D37661E8689D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: BE6E325772EFA32E593ADE4180AD8414
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6DFC26252DEFD79287D01C8C08293F6
Requests: 1 HTTP requests in this frame

Frame: https://6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3EB7FAB4FF66B24A4B2FD574E1A9701
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 1C55A5EEC1FD01AA643CC8D3D7F67BA9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avoiding Common Banking Mistakes: What You Need To Know – Cookad

Page URL History Show full URLs

http://shrs.link/NycQRb HTTP 307
https://shrs.link/NycQRb HTTP 302
https://shareus.io/open/NycQRb Page URL
https://redirectshareus.xyz/NycQRb?host=shareus.io Page URL
https://shareus.io/NycQRb Page URL
https://api.shrslink.xyz/s?sid=66cca451426971f82da5ac82 Page URL
https://cookad.net/?shrs_link=test&sid=66cca451426971f82da5ac82&cp=1&tp=3&tpp=3 Page URL
https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

100
Requests

92 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

29
IPs

5
Countries

2181 kB
Transfer

7346 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shrs.link/NycQRb HTTP 307
https://shrs.link/NycQRb HTTP 302
https://shareus.io/open/NycQRb Page URL
https://redirectshareus.xyz/NycQRb?host=shareus.io Page URL
https://shareus.io/NycQRb Page URL
https://api.shrslink.xyz/s?sid=66cca451426971f82da5ac82 Page URL
https://cookad.net/?shrs_link=test&sid=66cca451426971f82da5ac82&cp=1&tp=3&tpp=3 Page URL
https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://shrs.link/NycQRb HTTP 307
https://shrs.link/NycQRb HTTP 302
https://shareus.io/open/NycQRb

Request Chain 3

https://unpkg.com/boxicons@latest/css/boxicons.min.css HTTP 302
https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

Request Chain 5

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

Request Chain 15

https://shareus.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://shareus.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

Request Chain 50

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

100 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

NycQRb
shareus.io/open/
Redirect Chain

http://shrs.link/NycQRb
https://shrs.link/NycQRb
https://shareus.io/open/NycQRb

2 KB
2 KB

90ms
48ms

Document
text/html

172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/open/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=600
cf-cache-status: DYNAMIC
cf-ray: 8b94fa979c502ba4-FRA
content-encoding: br
content-security-policy: frame-ancestors *
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 15:50:40 GMT
function-execution-id: nzaiaiabvsj0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kp0PCWqIT0NaCMYsifgQIbk%2F9%2FOnQfEJ%2FR4CNQ20hibjnLXr%2B8c%2B0BCFWB8tghEEyuVEQK5wZBVqAaRD%2FufYYqn1XIrCLwNQbetwPU2P5lj%2FnLP2BA3Uq9wYB0V5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: 5573e7fcf63bb34368a9c779dacf4fc6
x-country-code: FR
x-orig-accept-language: en-GB,en;q=0.9
x-served-by: cache-fra-eddf8230068-FRA
x-timer: S1724687441.596390,VS0,VE1

Redirect headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b94fa963af31daa-FRA
content-security-policy: frame-ancestors *
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 15:50:40 GMT
function-execution-id: nzai3t1jovs4
location: https://shareus.io/open/NycQRb
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpxXrvPo3OXYGn90%2F5NByTyk25B%2F5lvBy1kfEEb9Qi7cJedTK7W2jyXKBYrKjPLmndervKp2SFLLris79Alk2WuVwBNysReS9EL5JJWQOVNZRce2P97eue%2FRjByzWwZGOVi3SDwJAx0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: Origin, Accept,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 2b9c3230ab6358419949256b96663986
x-country-code: DE
x-orig-accept-language: nl-NL,nl;q=0.9
x-served-by: cache-fra-eddf8230159-FRA
x-timer: S1724687440.371376,VS0,VE136

GET
H3 200 NycQRb
redirectshareus.xyz/ 635 B
982 B 251ms
187ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirectshareus.xyz/NycQRb?host=shareus.io

Requested by

Host: shareus.io
URL: https://shareus.io/open/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b94fa9878fb37fd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 15:50:40 GMT
function-execution-id: jpifc915orhl
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QexYqPNVPJt5WmIYJPcelrX2QVxbBbDc0rIz5BfGDycR4Wee3DXlUPRwMa2Ni89OtE5n54L9YkD%2FqFYrpBqyh3wTAJODBTjgq58jh4TjJo8xxKga%2B%2FdLn8UaeUywCacVFSECUCdD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 42a05309ce56f5f6bf19b692973693f8
x-country-code: DE
x-orig-accept-language: nl-NL,nl;q=0.9
x-served-by: cache-fra-eddf8230156-FRA
x-timer: S1724687441.733899,VS0,VE151

GET
H3 200 NycQRb Show response
shareus.io/ 15 KB
6 KB 49ms
48ms Document
text/html 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/NycQRb

Requested by

Host: redirectshareus.xyz
URL: https://redirectshareus.xyz/NycQRb?host=shareus.io

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ca80516a1859decc358ee9d2051652ae6518296317479f6d9f28d817e8b2e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=600
cf-cache-status: DYNAMIC
cf-ray: 8b94fa99eead2ba4-FRA
content-encoding: br
content-security-policy: frame-ancestors *
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 15:50:40 GMT
function-execution-id: nzai6biigv0u
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gnw4Sose6K9hMTztLe9ENcKtRXkG8s72rIyeDmS2uqtaKN4AXsh6JlaK6dJvEME8i%2BVTXDnRVauXCEYxE6M4NrXxsqg0njSvF%2Fxp3V48Qp0n5wUlGW2kmanmAeh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: a4e01fdc49f54fb7f61d45dba29d52d0
x-country-code: FR
x-orig-accept-language: en-GB,en;q=0.9
x-served-by: cache-fra-eddf8230068-FRA
x-timer: S1724687441.961106,VS0,VE2

GET
H2

200

boxicons.min.css
unpkg.com/boxicons@2.1.4/css/
Redirect Chain

https://unpkg.com/boxicons@latest/css/boxicons.min.css
https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

66 KB
17 KB

35ms
35ms

Stylesheet
text/css

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shareus.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14334629
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHDFPYM73ER0XQRK0BN7M-fra
server: cloudflare
etag: "109bc-IH/O3L/2oFuyFxGxc9h5/AQWzS0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b94fa9acee03829-FRA

Redirect headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J67NQNHS9GEHQV9Z5THNEWJA-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 395
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /boxicons@2.1.4/css/boxicons.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b94fa9a8ea03829-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
99 KB 100ms
43ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WYMKN8FLPH

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

344ea822c96c059518ade296bffdb2b70d98a3806276e59d1bd8a207803dd014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Aug 2024 15:50:41 GMT

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

44 KB
15 KB

30ms
30ms

Script
application/javascript

104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by: Host: shareus.io
URL: https://shareus.io/NycQRb
Protocol: H3
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
last-modified: Thu, 15 Aug 2024 16:28:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8b94fa9badd7d276-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Aug 2024 15:50:41 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /turnstile/v0/b/6790c32b9fc9/api.js
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 8b94fa9b4ca7d276-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 86ms
36ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4fe780ebbb0584bc3d484ec52f0463f57992a2b130dd395af016443c909c39a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32249
x-xss-protection: 0
server: cafe
etag: 107 / 19961 / 31086523 / config-hash: 16589588177142267248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 15:50:41 GMT

GET
H3 200 index-4e4e17a3.js Show response
shareus.io/assets/ 2 MB
552 KB 69ms
68ms Script
text/javascript 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/assets/index-4e4e17a3.js

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13335432311d4f03ef0e79d978e62f9a8691cab7633a6ed90804651dca6e7d02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Referer
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
content-encoding: br
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2770
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230141-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719672901.650680,VS0,VE1
etag: W/"e59bfe1e2290c054e2f8776cf56563dddf9d80b9d84bd3a5d9ff0eb56827f081-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgAT12K9kVW%2BMIQXJcrQp0HoRmlJ6W1djCPTE4esveG6K7zSqI24BgoIxFhrMqvEb32EVZ4DALdGYO78046Fs6wSMwXSVGy4gxtJC8dB3QRp%2B3PvZByWVA66xnOJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
cf-ray: 8b94fa9a3f3c2ba4-FRA
x-cache-hits: 0

GET
H3 200 index-fd0a76f9.css
shareus.io/assets/ 56 KB
11 KB 154ms
152ms Stylesheet
text/css 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/assets/index-fd0a76f9.css

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0a76f940283904cdb52ca14c57b451cd5277dd991967adeffc7aeb57dc8dab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
content-encoding: br
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2770
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230156-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719672901.670712,VS0,VE1
etag: W/"10f9fea8cf6e82433a13ac0a39e50b08988d7ceb3a3e7e1efbaa1f1c73a8f49d-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewlDfToi5u53CtA9N7BH1pp%2Fxbo1uGygtBueMujXSgXgM858ht6mvqZ67PlRpNVyshQOhZafOm70P8UMYMH9S%2BTlST4gwx4l6HxXhKgDq3l9gxvereqIomUW066l"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=3600
cf-ray: 8b94fa9a3f402ba4-FRA
x-cache-hits: 0

GET
H3 200 shareusfavicon.png
shareus.io/ 17 KB
17 KB 48ms
47ms Image
image/png 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shareus.io/shareusfavicon.png

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5740cef2895ae9b61ebe7dc5f5d8af0b21f238c7f54c95664b82750891b215b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2768
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719672901.190337,VS0,VE1
etag: W/"e7369d3f7bc33f0be55af89b907e666250c3b04413ffdcf27e21e29aa17472da-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmExB%2FB2pWovb9Mznb5WM%2Ba7rUcFM8T%2F0kZqU%2F6SYijvaZ22F636C5AAP3q6G7YKQemMMckzgp10%2FLaKsHSNkHzmUDAPUsj%2BbK2Erw3P%2BOWRLQRAE8EyysOzvwVD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 8b94fa9a3f462ba4-FRA
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 95ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: shareus.io
URL: https://shareus.io/assets/index-fd0a76f9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 15:24:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Aug 2024 15:50:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 58ms
20ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WYMKN8FLPH&gtm=45je48l0v869133771za200&_p=1724687441117&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1380570129.1724687441&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724687441&sct=1&seg=0&dl=https%3A%2F%2Fshareus.io%2FNycQRb&dt=Shareus.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=275
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYMKN8FLPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 15:50:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shareus.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 77ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:19:27 GMT
x-content-type-options: nosniff
age: 30674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:19:27 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/ 478 KB
149 KB 21ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086523

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20800
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152291
x-xss-protection: 0
server: cafe
etag: 9741817496811777231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Aug 2025 10:04:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 301 B
156 B 75ms
32ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shareus.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8f1b95798132bfafc504b1160c3dc01118a9fa034812f5c4cdfb57df13c9b7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Mon, 26 Aug 2024 15:50:41 GMT

GET
H3

200

main.js Show response
shareus.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame 5DDB
Redirect Chain

https://shareus.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://shareus.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
4 KB

30ms
29ms

Script
application/javascript

172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2202db7bbb19c0644897852dd490c30978ebe9cb8bb5428acefa7c22b31bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SEOD%2F0z9c3iCWfT8L2IJZBFloE1fhTbnH8Ki%2BaFBO3nV76xJM9p1pTVDm8Tfpa2qNPc0eIYMfVCuT%2FmLTV8%2ByTyRFW1WsnjFlLApJbYIxGdsHzaFUKQyW7%2Bxhf2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b94fa9d5a762ba4-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Aug 2024 15:50:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8%2F5lA49xKPLxeWAHBinexdXgJsYegLwB2Y%2BTw7RavwqQyc6uvAm0bzTYDqzjYW%2ByKoMBgCvhLOvgzHb93p0bgktUza9ZDLdifM9IrtIZdZ0K3ZnhB2m9NFBNSVA"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b94fa9c79952ba4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 prefetch
mercury.phonepe.com/transact/ Frame E570 0
0 821ms
738ms Document
text/html 2606:4700::6811:4cc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mercury.phonepe.com/transact/prefetch

Requested by

Host: shareus.io
URL: https://shareus.io/assets/index-4e4e17a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4cc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; script-src 'self' https://www.google-analytics.com https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; style-src https://fonts.googleapis.com 'unsafe-inline' 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; img-src data: 'self' https://d32dgd8o7pwmnt.cloudfront.net https://dgq88cldibal5.cloudfront.net https://imgstatic.phonepe.com https://mercurystatic.phonepe.com https://www.google-analytics.com https://linchpin.phonepe.com https://mercury.phonepe.com; font-src data: https://fonts.gstatic.com/ 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; connect-src 'self' https://mercury-t1.phonepe.com https://mercury-t2.phonepe.com https://tez.google.com https://dgq88cldibal5.cloudfront.net https://d32dgd8o7pwmnt.cloudfront.net https://mercurystatic.phonepe.com https://imgstatic.phonepe.com https://mercury.phonepe.com https://sentry.phonepe.com https://linchpin.phonepe.com https://api.phonepe.com/* https://api.phonepe.com; frame-src https://phonepe.com https://www.phonepe.com https://tnc.phonepe.com; report-uri https://csp.phonepe.com/log; prefetch-src 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com;
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type,x-app-id, x-auth-token, id-mercury
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: *
access-control-expose-headers: id-mercury
cache-control: public, max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 8b94fa9d99c9199b-FRA
content-encoding: gzip
content-security-policy: default-src 'self' https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; script-src 'self' https://www.google-analytics.com https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; style-src https://fonts.googleapis.com 'unsafe-inline' 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; img-src data: 'self' https://d32dgd8o7pwmnt.cloudfront.net https://dgq88cldibal5.cloudfront.net https://imgstatic.phonepe.com https://mercurystatic.phonepe.com https://www.google-analytics.com https://linchpin.phonepe.com https://mercury.phonepe.com; font-src data: https://fonts.gstatic.com/ 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com; connect-src 'self' https://mercury-t1.phonepe.com https://mercury-t2.phonepe.com https://tez.google.com https://dgq88cldibal5.cloudfront.net https://d32dgd8o7pwmnt.cloudfront.net https://mercurystatic.phonepe.com https://imgstatic.phonepe.com https://mercury.phonepe.com https://sentry.phonepe.com https://linchpin.phonepe.com https://api.phonepe.com/* https://api.phonepe.com; frame-src https://phonepe.com https://www.phonepe.com https://tnc.phonepe.com; report-uri https://csp.phonepe.com/log; prefetch-src 'self' https://dgq88cldibal5.cloudfront.net https://mercurystatic.phonepe.com https://linchpin.phonepe.com https://mercury.phonepe.com;
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 15:50:42 GMT
last-modified: Fri, 09 Aug 2024 05:59:16 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H3 200 sgpt.js Show response
securepubads.shareusads.com/scripts/tag/js/ 25 KB
9 KB 358ms
309ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Requested by: Host: shareus.io
URL: https://shareus.io/assets/index-4e4e17a3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e31d681db75c3f5608a8ac0f96f1690a5a56d2268fe1154929f24b2230d657e

Request headers

Referer
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cdn-cache-control: public, max-age=100
server: cloudflare
etag: W/"654d-aT+3OIcsFgHnmQJi4iqJ/B8QCu4"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0Hqt8xKZ%2FZIy3uhDwa79qQsmG6Ek6%2B8e3W4PLBE7iZKm5TLUXZpV5U1la3zewOKbKNjNUsVZhyHGswqUmqeARm0tMmuui7jCclaOK8GucJDCHoJB1ZRZaWmDqHVt%2FBWgyfV8XW1doCysGgLBsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://shareus.io
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8b94fa9d5f2a694c-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:06 GMT
x-content-type-options: nosniff
age: 524855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:44:28 GMT
x-content-type-options: nosniff
age: 29173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:44:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:09:26 GMT
x-content-type-options: nosniff
age: 524475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:09:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e97a841678fbbfc045bcdcaa68482079d0af10aeacc9ca993a443fb3036876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:20:57 GMT
x-content-type-options: nosniff
age: 523784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12324
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:20:57 GMT

GET
H2 200 v Show response
api.shrslink.xyz/ 62 B
673 B 586ms
514ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shrslink.xyz/v?shortid=NycQRb&initial=true&referrer=
Requested by: Host: shareus.io
URL: https://shareus.io/assets/index-4e4e17a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4952430bb283352795e98ae8896e5228ae8377beb066a458987ee00343c7a856

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e-zfE3lG2Lux3DDtteOZUKh1cSR0k"
x-powered-by: Express
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAFleLlxlUSMI5ziTxzDv0jkWBOnHUY3kjImRcu2vknzieCRaSfoheaS%2BxExgrj1aOmQw5k8vI5BRmX1WDeLzkDNa3TNymZYkJk%2FWt6Dl9ODc%2BejwZkm%2FmZ%2FqN2IdlaCa0x0u%2Fb%2FV1iALLHDZmOt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b94fa9da962918e-FRA
access-control-allow-headers: Content-Type, Authorization
alt-svc: h3=":443"; ma=86400

GET
H3 200 shareusnewlogo-c092876c.png
shareus.io/assets/ 21 KB
21 KB 37ms
36ms Image
image/png 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shareus.io/assets/shareusnewlogo-c092876c.png

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c092876c1dea1825076fb572d07776f0bc28f2e6db4beba58be79190cee27c8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2758
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719673374.935178,VS0,VE1
etag: W/"f64013a71531f490897cad71d2034b06a20c2e64bdc50eccbae2b783cf0e5a65-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2B29p50KjOB35aZcG7kfJmWW1YRUBxiE3mZ1u%2FvFSfF4A19ewAvVmhAeYM2sgPfHKb3gkPI2wJ9IYxPkDMC0ZDYqxxURobCVfsj1cC00f8FFUsG7JwQyeosZXnbp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 8b94fa9d4a6e2ba4-FRA
x-cache-hits: 0

GET
H3 200 shareusnewicon-55bd3938.png
shareus.io/assets/ 4 KB
5 KB 34ms
32ms Image
image/png 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shareus.io/assets/shareusnewicon-55bd3938.png

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bd3938342a6236c45cd2d85734190cf1bbde320d612492db8e1f98c6d91f8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2758
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230101-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719673374.936089,VS0,VE1
etag: W/"6fbab21a5a498c5724e3c8fe07748691ba4abbfd9bca685aaa374b91debf24d6-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hO9FTJ1MAdDRHmrG3pUTNw2QDgLP7Va3DyLSEUopNoyn2%2FlPF41aaV4spdO4cztnjItmiABYQx7SPXY7dqdyIUjoHU%2BBO2BxTP%2FvMFL%2BJ6wT1KUe7DSp%2BvADg4vr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 8b94fa9d4a712ba4-FRA
x-cache-hits: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 78ms
36ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: shareus.io
URL: https://shareus.io/NycQRb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

50cfc2943d025a8735f0920ede3c1c5adcdea5cfe735b684580c4d835a296f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://shareus.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52024
x-xss-protection: 0
server: cafe
etag: 13108766699334354926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Aug 2024 15:50:41 GMT

POST
H3 200 8b94fa99eead2ba4 Show response
shareus.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5DDB 0
903 B 41ms
37ms XHR
text/plain 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shareus.io/cdn-cgi/challenge-platform/h/b/jsd/r/8b94fa99eead2ba4
Requested by: Host: shareus.io
URL: https://shareus.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oA6UZpUeUTjpmAYQdvPPQeu0mGb9ztnJoHuk2nVSym1bMnCzRQHSU4qkhcdbV77updKV11DW34NWO9xtou%2BvtIPHbTznnz%2B0MaCh80y8LD%2FqzjPsP0NucAi8CoQP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b94fa9e9bb82ba4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 disable-devtool Show response
cdn.jsdelivr.net/npm/ 17 KB
7 KB 86ms
37ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/disable-devtool

Requested by

Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7559
x-jsd-version: 0.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6523
x-served-by: cache-fra-eddf8230052-FRA, cache-lga21931-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYygJucNHm2fl9mn2R6oUHtltXHkHAcvRKfBlwd%2Fn5ZvKAIzkdIIuoWsVgRUDaXO9BK%2FbkP8PCNMK0gkduPjeCd3BNZQ8SNLYcqaGcLRfNpoNSBuAQYe4pYEQwvQ7EF5SxZ60xOxXKxMutlWds4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b94fa9faad29f10-FRA

GET
H3 200 ads
api.refershareus.xyz/ 32 B
488 B 826ms
787ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=4e4d4c4b4e44444a484f4d4b444a4d4b&a=44444d4d4e4f4e4d4c4d&p=1408080c0f4653530f141d0e19090f5215135332051f2d2e1e&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wUXJX%2FGE3PguZp%2FIgPbp0fuDO4OzRxm17dSAmTZJoqa2Oe0ECyyzdKi4Ly0kY%2FRbgEQKg6oEDvplP9Blc0bATQN5Nc3Yalz7gdpKmPULmHssFCfOGOnnXGQ2E5Np%2FisvHPOLnzH0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shareus.io
access-control-allow-credentials: true
cf-ray: 8b94fa9f9baf1e5a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
524 B 392ms
359ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=4e4d4c4b4e44444a484f4d4b444a4d4b&a=4e454c4c4b4c4c4b494f&p=1408080c0f4653530f141d0e19090f5215135332051f2d2e1e&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miMCPC8jiBMWNcGYSPOhsN7Y3imhCA6ydnVXBLNsspy4EwJ4PCrzvpwq7VL%2B56jYMO4E7J0PZLC3tx%2BJvw2UQL0nDiNhZVhd%2FjUZE8i8zgd1hXCPD3CCNgmvPQ0B8Dw0TlCq1JSnag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shareus.io
access-control-allow-credentials: true
cf-ray: 8b94fa9f9bb41e5a-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca5892eff7f0fec449b846ab5c768794ef717d80ac6b76885b75e6bb80a14e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 getLink
shareus-cache.web.app/ 694 B
960 B 399ms
284ms XHR
application/json 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus-cache.web.app/getLink?shortid=NycQRb

Requested by

Host: shareus.io
URL: https://shareus.io/assets/index-4e4e17a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Aug 2024 15:50:42 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 451
x-served-by: cache-mad22053-MAD
server: Google Frontend
x-timer: S1724687442.194342,VS0,VE235
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shareus.io
x-cloud-trace-context: 3da2e4a8228e7304d03df7d1e0db8a4a;o=1
cache-control: public, max-age=3000, s-maxage=60000
access-control-allow-credentials: true
function-execution-id: apz49lth73d9
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

POST report
api.shrslink.xyz/ 0
0

OPTIONS
H2 403 report
api.shrslink.xyz/ Frame 0
0 32ms
32ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shareus.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 8b94faa10cfb918e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 15:50:42 GMT
expires: Mon, 26 Aug 2024 15:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxqeRQUg%2BfFLr9hMjLqE0xwzjbnkMWpaaqVhrbOjsp8wp%2FZgvJU5mN7qM0Ze6Ofve3%2BG11BdT9KrUG6muASgT5Vm8U70ZOIi4Bg%2B8BgCounBS9nJheSfDM%2FPDis5A4G0FtBw3UazZAG0ftOZgczR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 shareusfavicon.png
shareus.io/ 17 KB
0 0ms
0ms Other
image/png 172.67.156.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shareus.io/shareusfavicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5740cef2895ae9b61ebe7dc5f5d8af0b21f238c7f54c95664b82750891b215b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:41 GMT
content-security-policy: frame-ancestors *
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2768
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Tue, 18 Jun 2024 06:15:46 GMT
server: cloudflare
x-timer: S1719672901.190337,VS0,VE1
etag: W/"e7369d3f7bc33f0be55af89b907e666250c3b04413ffdcf27e21e29aa17472da-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmExB%2FB2pWovb9Mznb5WM%2Ba7rUcFM8T%2F0kZqU%2F6SYijvaZ22F636C5AAP3q6G7YKQemMMckzgp10%2FLaKsHSNkHzmUDAPUsj%2BbK2Erw3P%2BOWRLQRAE8EyysOzvwVD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 8b94fa9a3f462ba4-FRA
x-cache-hits: 0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wx62p/2x00000000000000000000AB/auto/fbE/normal/auto/ Frame 8664 0
0 56ms
30ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wx62p/2x00000000000000000000AB/auto/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b94faa2eb093808-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 15:50:42 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 s Show response
api.shrslink.xyz/ 1 KB
876 B 343ms
321ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shrslink.xyz/s?sid=66cca451426971f82da5ac82
Requested by: Host: shareus.io
URL: https://shareus.io/assets/index-4e4e17a3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b7e75d3d8418058e7e7cbf51ec573d8623a81536b79e46c669c83c3c58456e0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b94faa39a829061-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 15:50:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joHKP%2FQBjS0KJflxn587VqpQD2huBFEymQSWltN2U26XeTKqOs2B0AoLp6%2FMQMPzElmm7rfr%2BfzJ15%2Fro%2Bh%2BrVb8hZTvdKryKMNAZAOlHGoE4yRUM%2FBi%2Fw%2F9YW30Vsi1rXmU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H3 200 /
cookad.net/ 605 B
1 KB 3071ms
331ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/?shrs_link=test&sid=66cca451426971f82da5ac82&cp=1&tp=3&tpp=3

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b94fab6e91cd28e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 15:50:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRaKlwbrljFggbHFPrl6cTV%2BnP%2BC8OBRulCeMpmF7yLDAvy%2FwJrpkYnShGyHfnXrSQHNNEZORnVvyt9O8LZoPPxoqtSDDCpwhOmX7DpfpKSPR8myATIRt4uwDIE6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 Primary Request / Show response
cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/ 131 KB
36 KB 341ms
340ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Requested by

Host: cookad.net
URL: https://cookad.net/?shrs_link=test&sid=66cca451426971f82da5ac82&cp=1&tp=3&tpp=3

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05885c0c6ab7e0a2ffa24475b60ddb36191f7bbf66fd4d9ece06b624333a541c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b94fab92943d28e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 15:50:46 GMT
link: <https://cookad.net/wp-json/>; rel="https://api.w.org/" <https://cookad.net/wp-json/wp/v2/posts/39>; rel="alternate"; title="JSON"; type="application/json" <https://cookad.net/?p=39>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iP4dw7bKEzr5cw6QLPTwXyboditAnYC3BhNxARlokQSFatK3SEdz2zLglGs%2FDgogij4Te9z4SPo0X%2F4w88ctwDM6YxVNccbH7jKJUo0K%2FdEwbZPxKgWz1%2FYCDx%2Bb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://cookad.net/xmlrpc.php
x-xss-protection: 1; mode=block

GET
H3 200 style.min.css
cookad.net/wp-includes/css/dist/block-library/ 110 KB
15 KB 35ms
35ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2024 22:41:10 GMT
server: cloudflare
etag: W/"66a03186-1b723"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ye5jp%2Fn3ufVHsdm%2F4HiOAU%2B84IdfYI8NX78IimeabgA4M9UziAhZCgERZMmvw7q5nfRngiMn0DiC1cSQlBm4WjiW7WRnka%2B9FJ0PfjLVlSR31b1AGmBkb4BaWzeQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb582ad28e-FRA
expires: Wed, 23 Jul 2025 22:41:14 GMT

GET
H3 200 global.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 22 KB
5 KB 38ms
34ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/global.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-598d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QEjhMzHMbnlhLJ49tZo80JNnc5ZthRExi1BBIu1b1bMTC1VkEE2T6VEgQiTsfFs5SocZen4Sy01oUfwfULu6QEuzRV5UsKF3hoNt9aeMYx2kXt5QRoBz6rqS0uFY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb5834d28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 header.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 26 KB
5 KB 56ms
51ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/header.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-67ee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvkkWmkSj%2BSPFteopEiJppbbmpuVPWu8rxPymP7H%2BQYEoTnbrE2qJ1EUa1ZwVpcsjFYG2gTFvd2QQbyASJJd6TQkkQPyTzdkP62UcdM7qoPT0l9viKiJRSBCeJ4q"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb5842d28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 content.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 33 KB
6 KB 56ms
52ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/content.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc53033d3cfc5f7c22af24a9512f3ff21170b8b500ed0ae7e5bc8cb1bb8ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-822e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWe8%2FZ0nrDdu%2BmfqQjd4r0u8Nue3%2F5KfTCYw%2FIQpLa18rH4YqKAc6hsuVaqYwndh%2BsB9utLlqsdWv4tyKqWG5lEW09DS%2FXBDx09U0YKh1nGqm33fe4PmYP%2FuSVBH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb5848d28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 related-posts.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 996 B
895 B 37ms
33ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/related-posts.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-3e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7LdwnMf%2FYted%2F4RxzPKV4RidZuK9m29PLQid3Vh2Xqd5xSSnV2CY%2F2Wrlo4OqFI%2FvL3LB%2BkkzgN4ymtl0IhsjMib7w88eERb2eAQn4oT5sd9h53QOJy4XkTTgsf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb584bd28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 kadence-splide.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 9 KB
2 KB 37ms
33ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/kadence-splide.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52bfd72a0a8f321e2f49bd172bcd4f01bf14dde6416317d05ba15e5d1dd8f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-2389"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cZNaXlmRyK4VoCobsYVJgTc0vBRZdTxqBoZrOWJRs%2Fx16%2FCI0Prij61d2ZkvOBcRUtkbdaRONt77jRvt0TN4uRZGWjb%2BYoCihj75idM37itH%2B%2BhvoXaTolMalCE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb584fd28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 footer.min.css
cookad.net/wp-content/themes/kadence/assets/css/ 20 KB
2 KB 57ms
53ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/css/footer.min.css?ver=1707563586

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38732
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-4e07"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kgQyvX5AhaLdVu%2Ff6zPbLILubtrmtrfkZRD66NdwMJIYnwucmJnzBvGqOr0qCC5I84n7U6T%2B9fLFW1%2BsFFYSqwdd%2BgOfhrxgQ4MXcr%2BXK6AwRJmq7C9YN4NCrZq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabb5852d28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 97ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0EJLK80ZD

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba87fd0f6658e2b13ab352f23ab3ac5b53a68b98ac504d436b270e9dc27a04c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Aug 2024 15:50:46 GMT

GET
H3 200 script.js Show response
injectshrslinkblog.com/popup/ 10 KB
5 KB 204ms
165ms Script
application/javascript 172.67.141.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://injectshrslinkblog.com/popup/script.js
Requested by: Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8e797cd34721d39d3b6ba0e571c9c0b75089a2cdeb29327f9f4aec45a272095f

Request headers

Referer: https://cookad.net/
Origin: https://cookad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cdn-cache-control: public, max-age=100
server: cloudflare
etag: W/"27fc-YMyIMq9xcVetcxi+ngcjqQpGyCQ"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPRIlnWP7NZzcZX77g1U1DfY4N2Fh62CYaROyqZ6Lq0QgYBvSErGTxkfj3iHNP2diZ3VXqgTqCuXJFpZIxNG3JPlR8F9oTIfi9C5yqPjsejw9K9gHobCowntMMW%2F3dhfNIaqDGqBJuHs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://cookad.net
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8b94fabb9bb94d88-FRA

GET
H3 200 sgpt.js Show response
securepubads.shareusads.com/scripts/tag/js/ 25 KB
9 KB 73ms
43ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Requested by: Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e31d681db75c3f5608a8ac0f96f1690a5a56d2268fe1154929f24b2230d657e

Request headers

Referer: https://cookad.net/
Origin: https://cookad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
x-powered-by: Express
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cdn-cache-control: public, max-age=100
server: cloudflare
etag: W/"654d-aT+3OIcsFgHnmQJi4iqJ/B8QCu4"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zlqPw5Kq0LAme3IdxIPV9DYokiDsy8Jb%2B4MlVVALOl7qN9U9gvfyBYXa8FHAEJAAZck93ZA26wBt0TNui8gOzjeuAjmq7qhOS6HLjq3Z5FEmURa8jr3mT8COHX2ox3zf80fObWhFFHlo5zRbgEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://cookad.net
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8b94fabb88039b3d-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 111ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d436a8f3a563f0ba03a5f140a064635e43178d2599c02d373e3075739f09fd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32352
x-xss-protection: 0
server: cafe
etag: 884 / 19961 / 31086444 / config-hash: 16589588177142267248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 15:50:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 89ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Mono:regular,700%7CSpace%20Mono:regular&display=swap

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5545e58947464e2d01a7b14b3e84d0005fc0fd8ea60cf48385fbaab9a74ebca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 15:50:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Aug 2024 15:50:46 GMT

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
137 KB

33ms
32ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14343468
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW73W9E5N5JJGB816FPJ1CE-fra
server: cloudflare
etag: "5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b94fabc5ec43a80-FRA

Redirect headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J67NTCBGWSHWRNWPH6VSHC19-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 311
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b94fabc0e723a80-FRA

GET
H3 200 sgpt.js Show response
api.refershareus.xyz/scripts/tag/js/ 25 KB
9 KB 61ms
32ms Script
application/javascript 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/scripts/tag/js/sgpt.js
Requested by: Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e31d681db75c3f5608a8ac0f96f1690a5a56d2268fe1154929f24b2230d657e

Request headers

Referer: https://cookad.net/
Origin: https://cookad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18
x-powered-by: Express
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cdn-cache-control: public, max-age=100
server: cloudflare
etag: W/"654d-aT+3OIcsFgHnmQJi4iqJ/B8QCu4"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G72cGqwyyzDwl6jXGbB0ZO1Zy24dI1oUlGT6VTZT0notWc%2FNiyd9o%2B2G7e9iEM9kq85qcqgzxNP0wOzxiNHYLMDXghAgw979sCpMXYzposFXNrmqn6Dlo358rpLdgKD9W2QjKwPliw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://cookad.net
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8b94fabb8ddb193f-FRA

GET 3858ed58-ef90-458e-8846-40d3cd75893b
https://cookad.net/ Frame 0
0

GET
H3 200 comment-reply.min.js Show response
cookad.net/wp-includes/js/ 3 KB
2 KB 35ms
32ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-includes/js/comment-reply.min.js?ver=6.6.1

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38731
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Feb 2024 10:39:18 GMT
server: cloudflare
etag: W/"65c600d6-ba5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hwwsfos3C70mXi%2FJLX4Ss0MNurHj5VJTL46ygCF8Ml2i%2FoDUjGwxcilp2l8QsSMQMrfRAjHD6UugIEQ%2BZHAJOzZmSYEJLQ5SMTdi9chO04MaukTHmXzOL%2FUKMdIj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabbc9a0d28e-FRA
expires: Wed, 23 Jul 2025 22:41:16 GMT

GET
H3 200 navigation.min.js Show response
cookad.net/wp-content/themes/kadence/assets/js/ 18 KB
5 KB 36ms
33ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.51

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc741f7e4c28b38fb6f193b8e5601c0510e72d600cb243b9721516d7fda9836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38731
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-4655"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BGRcy5ktHf3Zbjm2ep8A7I0AEZ27MFxeSL%2F3anVu1ZLy0Rjn6HnvF6kQo7HRJmodJM073CI6o2hSjAmu3dCyMqfGl9x00ytOGc%2FJw1rc6w8314%2FHt6a3V4q4%2BKk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabbc9a4d28e-FRA
expires: Thu, 03 Apr 2025 18:20:22 GMT

GET
H3 200 splide.min.js Show response
cookad.net/wp-content/themes/kadence/assets/js/ 29 KB
13 KB 32ms
29ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/js/splide.min.js?ver=1.1.51

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d49bb711dc02e9b38889229ecf44072b7c6eb4790fd58e21caf546600f3e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38731
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-7444"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLMSHh5zK7g%2BoMejIb%2BAIulPum9xJuS0366Ykfv4%2BvwG8rExDMB%2BAjDoIafYIuT1vtLCU6xGShFNTM7dw3kbs0tWrWQloL7lb%2BO2x3gg34z75RbjdqRUAwoq%2FEUX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabbc9a6d28e-FRA
expires: Thu, 03 Apr 2025 18:20:24 GMT

GET
H3 200 splide-init.min.js Show response
cookad.net/wp-content/themes/kadence/assets/js/ 2 KB
1 KB 35ms
32ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.1.51

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ce76c16750fa1c2c2575e130db72af79cc066e83e07318c573c8cd6ea26b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 38731
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Feb 2024 11:13:06 GMT
server: cloudflare
etag: W/"65c75a42-97d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zpuA9tEUHuBUMyWSPazw3FMHKyQCH8K%2BrMUdPoDxX4KbnkUZbiD3mAxpxB7EyLHYPjsL26cd7eAoJIOHnpwUO34SFdwYOvRbAoN9HByR40Q8uGc%2Brgt4L2zy9tW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabbc9a8d28e-FRA
expires: Thu, 03 Jul 2025 07:25:31 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/spdjmedia-network/ 856 KB
239 KB 254ms
143ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Requested by: Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28e086d2417e19289a6f7101566b1a63f58f86f2647a32c84c7bd3b3cc73b06e

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FmuTiblAUyZDJQBXRG4fzwo7_3TRlriy
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Aug 2024 15:50:46 GMT
x-amz-request-id: C2SSSFJ3SKHTYM3G
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 243779
x-amz-id-2: 6frE/eWHqSeiSyJT3fCAhCdTUUYFJtg/3mbo+CftfYASYTUXNpPI8uHBUVB5KUVgI3yzjDz2qyU=
x-served-by: cache-mad2200096-MAD
last-modified: Sun, 25 Aug 2024 19:24:52 GMT
server: AmazonS3
x-timer: S1724687446.488474,VS0,VE97
etag: "94d522fb27c5be47dd66c2adc00e10a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 98
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
fonts.gstatic.com/s/robotomono/v23/ 22 KB
23 KB 82ms
32ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Mono:regular,700%7CSpace%20Mono:regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7dd144163721cef3b11282607dffe203646a44ac7275874c7fe09669f76ea02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cookad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:44:36 GMT
x-content-type-options: nosniff
age: 29170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22736
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:53:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:44:36 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/ 478 KB
149 KB 33ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 12:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13475
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152291
x-xss-protection: 0
server: cafe
etag: 9741817496811777231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Aug 2025 12:06:11 GMT

GET
H2 200 disable-devtool Show response
cdn.jsdelivr.net/npm/ 17 KB
7 KB 84ms
36ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/disable-devtool

Requested by

Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7564
x-jsd-version: 0.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6523
x-served-by: cache-fra-eddf8230052-FRA, cache-lga21931-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIwjsxNVWrehlACzokD7PyTLOxU0g5y4sY9Z4H2KLf2fO1a3zMgNdPM03xqWHqcsgAW4oAfrdVnCKQ2cbm5mBWf1LMnU%2FQrV%2F2Cf4Q5nHqnm%2BrAjEAmjaOoQNr39Agwpq2IZJlV0cufpzNgugHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b94fabd59fb0408-FRA

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
485 B 318ms
318ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4d4b454e4a44484f4e4d&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtbIoQFjBhmqW3sfwH7%2BwrmSvv7C0W7Ojsvw2nFgljWfU0EfhIqb6vi4CGrCkRDZC4ZaFZzVaDAgsifN05CMt4rewN0v2Vn4e6hkG%2FxGdzaF1ng7ccTHeznYcPCR2ujCpK2Mdl%2FBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd1f65193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
486 B 370ms
369ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=444c4845454d4f4b4f4c&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyWOFBvvyOZ7yTZ1py2v1F4xtrbCXNPgFimoeHBQi1kwSqhs8nkoMIheqLhA%2BwAlfXQ08s6P%2BAh1yBmh21DCO44lfyJFWxDD74OZnEqYHPLdpdBpb2ZJlzbLEmnfcTem6gHQlYNNLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd1f66193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 2 B
460 B 271ms
271ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4c4a4e484a4e48454948&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIy9%2BwBz0e4TLcrQE2RWQKCPgWf7IQ7XaYVuBs8n27pcK6fhbmpNzCkayaqTJYrqtZzUiTTI1aOzkF9O%2BSTk8CHdCWsNIuytKuzZvhQ9ga3V%2BC6RoY3nxrfsrabV9w4P3pkREE9vNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd1f67193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
488 B 273ms
272ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4f4d48484e4e4b4a4b4e&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAw5CCHZ2JpTWOToHrYzAAfAsviEeIUcmaIFgXN7dmYZsRbGFEcqe5VMmD6Y0gikeFIig4P2FZkMc3u6RZwUj9Kl86qrU6AFfnFsbtT08BWcO%2F%2Ft4nzdLVn6O%2FuU2%2BedsDAUhL6gyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd2f79193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
487 B 741ms
740ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4a4449454e4e484b4d4a&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwFCvJKBskAfCx3q0fKmPypnKyui6tkyFPcy2LAHKcbKpcTOPtwOEFncUqzqg8wyVWqAEWVvCUD2MhObRIcPI%2BQ07mPORbVa2TzlQFn8w04NXzY0QeDcziWu9xJ45SmtP0%2FXMY7Rtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd3f83193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
491 B 274ms
273ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=444c4d44494e4b49444d&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLTVl%2BZqsrUoC8FR8ynoziA7dT9IFVCAboQb%2BiE1hkXq6fYXv7v2JzL6MLFmBmgikD2qPUdc%2B7IUnKyMUcxK3T4%2Bh28LtbAHZ1w3bNclbPZJx8kqKO1a2s%2B%2BE67YU99T2zTWJrWq6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd3f8b193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
486 B 290ms
289ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=494d444a4f4c4b4b4f48&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esxtnBNtMDSGNalQO1XVl9YBvpv3RDVD5QH4u95tXDbDZpy7kWeIcQarQ6KU1bGvQtLJk4F6jbY3fdOPWKyP%2FAQnpt13Fje2l7pWEu%2BJUYDJmtP12Gkche9xCrLLYc7IXNhU%2F1vyog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd3f95193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
494 B 761ms
761ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=444a4e484f49454c4b45&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAPJN650bNxYTsj2vQeSy1q9RXA37eF%2Fv8bN%2FEu3TrKdGNEn%2FI6r5m5bpmZgJgM4zRe5zW%2FIr%2FMK38TC%2FASvkU2gXy%2BvOU4tLqyvgTkXe430r7BHNYYELJNBkMMFW1DHhr7TJbAlkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd4f9e193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
484 B 279ms
279ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=48444b494d4449454845&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rw0%2BlES6Sw20DRTFK0s1rPqabYrs0Zwthi2bfhBEjO91A2FfxfIRt66L%2FwtPBXAVKbkFXy6IhpT9pDlVysPHnuMuc0kBXooTFCgJQ0oRz8CGwpelr1Fq7r84CQIw7xFpHKQcb2l9nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd4fa5193f-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca5892eff7f0fec449b846ab5c768794ef717d80ac6b76885b75e6bb80a14e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
cookad.net/wp-includes/js/ 18 KB
6 KB 31ms
30ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 28388
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Apr 2024 22:42:11 GMT
server: cloudflare
etag: W/"660c89c3-4926"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Azk2tVnrmIg69DGhn%2F3oTAKn1jTQppUrrng7TMofRk6%2FgXgAPtbHwv7ONU6dE1LOnGt%2FfW1f2w1xgvYksk%2BcXS5Y%2F3lLrK0eVWLCrGSLGrtvP8XbYIbm6aU2z55s"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8b94fabd5eacd28e-FRA
expires: Wed, 23 Jul 2025 22:42:38 GMT

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
492 B 357ms
357ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4c44444f4c4d4444454f&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHbg534pKjZtXYPgzzRQYi55DV9EGrRmvGYQfqK2tzklU4NemdCXBRJmXRkCjZEhuWw8V3wSn9FqslE%2FOTIKwErOVlyfrHyr6EfJcno8TyZzcmk%2FRu8ga%2FbchjXt%2FTIUfkq%2FHHy1Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd5fb4193f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
api.refershareus.xyz/ 32 B
491 B 357ms
357ms Fetch
text/html 172.67.147.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.refershareus.xyz/ads?d=49494d4b4f4f4d4e4a4e&a=4e484d494c4c4c4b4c4a&p=1408080c0f4653531f1313171d1852121908531d0a13151815121b511f1311111312511e1d121715121b5111150f081d17190f510b141d08510513095112191918510813511712130b53&r=12091010
Requested by: Host: securepubads.shareusads.com
URL: https://securepubads.shareusads.com/scripts/tag/js/sgpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
x-cache-status: MISS
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZ5FIAsHXZqAfa2DRnu%2BrfDmefGLh0%2BKxhiuVcz4EJfX%2Fi7MctKvatsCj10HC%2BcwRKZN61NmMGYh%2BpwdrMpKuLUwDtET4NmLRjcgqusfHmFM3WBKFrvC%2FgcM5TwphRCqVLsmbXyZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
cf-ray: 8b94fabd6fbb193f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
20ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W0EJLK80ZD&gtm=45je48l0v9132631460za200&_p=1724687446347&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=843757234.1724687447&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724687446&sct=1&seg=0&dl=https%3A%2F%2Fcookad.net%2Favoiding-common-banking-mistakes-what-you-need-to-know%2F&dt=Avoiding%20Common%20Banking%20Mistakes%3A%20What%20You%20Need%20To%20Know%20%E2%80%93%20Cookad&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=711
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W0EJLK80ZD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 15:50:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cookad.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 116ms
51ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cookad.net
URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d225ae50999ddc18aebe16fa9a0e12005636f3bcf1ff1452b0ce922d216ac14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
Origin: https://cookad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52034
x-xss-protection: 0
server: cafe
etag: 2942510671333525843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Aug 2024 15:50:46 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 690 B
395 B 68ms
68ms Fetch
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2776889945618991&correlator=3913031831314937&eid=31079956%2C31083339%2C31085739%2C31086469%2C31086444%2C31085995%2C44777900&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fif&iu_parts=23194946614%2Cca-pub-9171828850193822-tag%2Cdemo_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1724687446730&lmt=1724687446&adxs=650&adys=581&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcookad.net%2Favoiding-common-banking-mistakes-what-you-need-to-know%2F&vis=1&psz=1178x5536&msz=300x0&fws=4&ohw=1600&td=1&egid=6037&tan=8dacd8fe-aac7-48a7-a348-37ff88689e25&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724687446281&idt=400&adks=3154130993&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2bc1a48a44cebfe7fd42b614ad69fd89997fd669ff45336fe98204a0dc0a2229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cookad.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC7D 0
0 181ms
64ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 15:50:46 GMT
expires: Mon, 26 Aug 2024 15:50:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame BE6E 0
0 142ms
46ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cookad.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 37
accept-ranges: bytes
access-control-allow-origin: *
age: 32564
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Mon, 26 Aug 2024 15:50:46 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: bfSjpX+iCRfwI890/QdJh46aLpYiSjv60aY2rmeoNfsL6ojv+/O7aJY2zmfbRfKSmA7BoPAEZZ8=
x-amz-replication-status: COMPLETED
x-amz-request-id: KRGDMHR6SWP5MRA7
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 46087
x-served-by: cache-mad22046-MAD
x-timer: S1724687447.934956,VS0,VE0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 54ms
15ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 220765
expires: 60

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 100ms
52ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

85176212bd2a32464eec9a179260275e6af1872fde4b6eb6fec9ecd61a48fa32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12909
x-xss-protection: 0

GET
H3 404 favicon.ico
cookad.net/ 146 B
528 B 229ms
229ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookad.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbnnxBEMaw79RtJPHILbcSo6hNAEXFGPPKLMz1E5aDbnmiKH0YGkERzBE4gr0Ylg6bVVBYSauuKyhqExrjSHIcOPZ3feozMMvOjPio%2BRkQvrcIlW1Cv%2FY6vBjjAb"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b94fabfae23d28e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 30 KB
12 KB 3105ms
3105ms Fetch
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2776889945618991&correlator=3913031831314937&eid=31079956%2C31083339%2C31085739%2C31086469%2C31086444%2C31085995%2C44777900&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fif&iu_parts=22447375539%2C8630%2C8630_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280&ifi=2&sfv=1-0-40&eri=4&sc=1&cdm=cookad.net&abxe=1&dt=1724687447047&adxs=211&adys=329&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F8630.play.gamezop.com&loc=https%3A%2F%2Fcookad.net%2Favoiding-common-banking-mistakes-what-you-need-to-know%2F&vis=1&psz=1178x5536&msz=1178x0&fws=4&ohw=1600&td=1&egid=6037&tan=8dacd8fe-aac7-48a7-a348-37ff88689e26&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724687446281&idt=400&prev_scp=pos%3DgamezopDesktopSideHome%26retry%3D1%26gzp_enable_hb%3Dtrue%26productVersion%3Dgzp-play%26apsEnabled%3Dtrue%26prebidEnabled%3Dtrue%26page-lang%3Den&adks=914490353&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

db7af7c20cbb8cb9d6f1f326fab0bebdb15cf34d7ec285249e9fce7aa9f721da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12452
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cookad.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 90ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 15:50:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6DF 0
0 78ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 31398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 07:07:29 GMT
expires: Tue, 26 Aug 2025 07:07:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 json Show response
trc.taboola.com/spdjmedia-cookad/trc/3/ 31 B
368 B 2830ms
2821ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/spdjmedia-cookad/trc/3/json?llvl=2&tim=17%3A50%3A47.322&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2215336%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Favoiding-common-banking-mistakes-what-you-need-to-know%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1724687447322%2C%22cv%22%3A%2220240825-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcookad.net%2Favoiding-common-banking-mistakes-what-you-need-to-know%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fcookad.net%2Favoiding-common-banking-mistakes-what-you-need-to-know%2F%22%2C%22vpi%22%3A%22%2Favoiding-common-banking-mistakes-what-you-need-to-know%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6939%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22spdjmedia-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-below%3Apub%3Dspdjmedia-network%3Aabp%3D0%22%2C%22cd%22%3A5865.58%2C%22mw%22%3A0%2C%22amw%22%3A1178%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Favoiding-common-banking-mistakes-what-you-need-to-know%2CBelow%20Article%20Thumbnails%3Dthumbnails-below%3Apub%3Dspdjmedia-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1724613890644%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 32
date: Mon, 26 Aug 2024 15:50:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 28346
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mad2200096-MAD
x-log-content-encoding: gzip
server: nginx
x-timer: S1724687447.361801,VS0,VE32
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://cookad.net
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20240825-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ 920 KB
185 KB 46ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240825-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dda47caa7aa440919ec9c047e4d9969e5cfbec9fad6def3320930882f01f667a

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: iQcvd477hjWLGg4c989flx.gI37zKkwm
content-encoding: br
via: 1.1 varnish
date: Mon, 26 Aug 2024 15:50:47 GMT
x-amz-request-id: XYZE09EH4ABPSP13
age: 7537
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 188891
x-amz-id-2: y5dIldZKWVHlj29aSPc83S3oksslFIVgcRDBHpiN1k6ZMfII8BB1+V91X6WJAkgemXcDwwStJRQ=
x-served-by: cache-mad2200096-MAD
last-modified: Sun, 25 Aug 2024 13:44:56 GMT
server: AmazonS3-br
x-timer: S1724687447.354558,VS0,VE0
etag: "72315c18803928bc7bb8af9ab4566786"
vary: Accept-Encoding
content-type: application/javascript
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 22823

GET
H2 200 google-topics-api.20240825-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 2754ms
2754ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240825-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab69eec32bbee575b160493986ad1167f5a7bda42bed7c2672fd417a4bd05c82

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 1fG9qDmTxrEHn35s3GxFexbccLzSAmxR
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Aug 2024 15:50:50 GMT
x-amz-request-id: HZ9HTHMZYBYGEDTW
age: 72432
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1059
x-amz-id-2: G82AttNXo51zHDGeScCw10QoI8JW/TBlqf3l+G0YjKJz77udTpcdTf6gSdJhD4oJbNFypNc+8n8=
x-served-by: cache-mad2200096-MAD
last-modified: Sun, 25 Aug 2024 19:43:39 GMT
server: AmazonS3
x-timer: S1724687450.165245,VS0,VE0
etag: "168c30e55b4b58391e4bb441027b1b79"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 99012

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 2267ms
2267ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 debug
trc-events.taboola.com/spdjmedia-cookad/log/2/ 0
124 B 121ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/spdjmedia-cookad/log/2/debug?type=info&msg=page%2C%20info%2C%20injected%20RTUS%20service&lt=trecs&tim=17%3A50%3A50.165&id=24867&cv=20240825-18-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cookad.net
date: Mon, 26 Aug 2024 15:50:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12761

POST
H2 204 debug
trc-events.taboola.com/spdjmedia-cookad/log/2/ 0
125 B 119ms
13ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/spdjmedia-cookad/log/2/debug?type=warn&msg=Taboola%20Push%20Option%20modes%20%22thumbnails-below%22%20not%20present%20in%20Publisher%20Config%20modes.&lt=trecs&tim=17%3A50%3A50.166&id=17274&cv=20240825-18-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cookad.net
date: Mon, 26 Aug 2024 15:50:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12761

POST
H2 204 debug
trc-events.taboola.com/spdjmedia-cookad/log/2/ 0
124 B 118ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/spdjmedia-cookad/log/2/debug?type=warn&msg=response%20is%20missing%20recommendation%20on%20all%20placements%3A%20%22ERROR%22&lt=trecs&tim=17%3A50%3A50.166&id=39575&cv=20240825-18-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cookad.net
date: Mon, 26 Aug 2024 15:50:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12761

POST
H2 204 metrics
trc-events.taboola.com/spdjmedia-cookad/log/3/ 0
242 B 123ms
15ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/spdjmedia-cookad/log/3/metrics?lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cookad.net
pragma: no-cache
date: Mon, 26 Aug 2024 15:50:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 metrics
trc-events.taboola.com/spdjmedia-cookad/log/3/ 0
242 B 114ms
15ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/spdjmedia-cookad/log/3/metrics?lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cookad.net
pragma: no-cache
date: Mon, 26 Aug 2024 15:50:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 container.html
6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3EB 0
0 2ms
2ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cookad.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 15:50:46 GMT
expires: Mon, 26 Aug 2024 15:50:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 1C55 0
0 0ms
0ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240825-18-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cookad.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 37
accept-ranges: bytes
access-control-allow-origin: *
age: 32564
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Mon, 26 Aug 2024 15:50:46 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: bfSjpX+iCRfwI890/QdJh46aLpYiSjv60aY2rmeoNfsL6ojv+/O7aJY2zmfbRfKSmA7BoPAEZZ8=
x-amz-replication-status: COMPLETED
x-amz-request-id: KRGDMHR6SWP5MRA7
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 46087
x-served-by: cache-mad22046-MAD
x-timer: S1724687447.934956,VS0,VE0

POST report
api.shrslink.xyz/ 0
0

OPTIONS
H3 403 report
api.shrslink.xyz/ Frame 0
0 54ms
26ms Preflight
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cookad.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 8b94fad69bc8d2d3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 15:50:50 GMT
expires: Mon, 26 Aug 2024 15:51:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNjsxwv7vBDrAxG3lUHk3qcNIuq5rh9DUqynxoLGhBGCQ7kz7JH6zG9TfiZ0DiYeRFD9IPHqpbsDygXSyjfLXZ%2Fz%2B2k4hTz37iwPCRqpv17q9Wi2dHH6mWLHm1uz24gyKd1c"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 68ms
63ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js?cb=31086444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 mbox
vidanalytics.taboola.com/putes/ 2 B
225 B 159ms
134ms Ping
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/mbox
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/spdjmedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://cookad.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-mad2200096-MAD
date: Mon, 26 Aug 2024 15:50:51 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1724687452.852468,VS0,VE88
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://cookad.net
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.shrslink.xyz
URL: https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82

Domain: cookad.net
URL: blob:https://cookad.net/3858ed58-ef90-458e-8846-40d3cd75893b

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408220101&jk=2776889945618991&bg=!w8ClwI_NAAag2_gngNs7ADQBe5WfOF44kB-i66FYhJXodcCPUQs_VJigjR2sB4kDVoqKFUMR5hoTjz_ncjyEfzcvGNHKAgAAAH5SAAAABGgBB34ANvF-gR5ylJ05DZ3ye3KykbxsjsoY6KpqxW80oUoMJbbPL_VHu116HUyLTWTrj1VPBTlc6wdDK5kDDHf-QrF8jTMej7Z4d4g8FiU7_xNJsYRzS9wVQ1dmUHNQ7v5lFLOooUTNV74PI_LS3xoR-SNsWOsaokBRExDLPP8G6YTsOQ0iFZIdMYL_yQJj4mVP3GQJihBMHItCHP4b2gaEvos36XPDbDIQ-gRbD2EOJhfQO_Tt3xZf58k6N2pnT515NfVJ3zV4lz42yvFQHWPOMT8Hj7fBO5CSmyELpk0nYeGeiTaVw3x_FNjz7rBSDcMsbXkaNJQLFTBzkOZetz5AfdokPNnSP_bRZah1UOLC_a3My8Bug8SV_2fxsBGjTIhHZIup_QQCSm8Djps_mOd3AddD3_5o2c-XYU5LgX-9Wd51qOKuiSuJgBoEG-7a6APNE94YAm4NvgdhYj3Cl4anKBTAQ8Cg_GCNc2ZY89CujXLBeA4XtPiUz8AzOJ76m8KdQBsYZ0XhhUGq4kVnhIGtoWKdXIc7vlbZAGQDlcjGiXhhDk9oZ_-FBC2_BAJzXzS7FZpdHtEKWwfjtTSDSVL0jDVVTNTuH8rZ05laOzoP52gzorv_6bBuUmffssmBR-gaBAEG-y1JhfEyqE3W-pOirdDTRODgbL7ZnyPPs_JyzstOg-keC6RS2XMarZU9uXj0GOqTkfvNZt2DI5bYf78-lDI8G3Vm_SSCfQev5eMj4HSVEdOUYtsGm8PMW3jY0eZSENIHGBWLC3G6I-39w1Q5UPJHiFHRgDXGuxL7zm5RzLS7ImL1ajKoZmqK_2Rk8ezlEmX5EeE1MK10OaFnGOzRyD_hycPmKW-i7qlDMLpQYmwgbkqt_c6qaxVogcw2vacEtDZoqudO2nsuIRqtbBuheGotfd3Wies0oXu3q9K5IJBePpm2jQXbNvg3hVXKFP2ZT-a1dS1KDpliQK75MNiy6Xf95ybFHjnzkoRBzKmUwx-97G-eK7THw342QCZS2wnkEsoOVx4gl0wpbmpnz11RTCVes6kDMdcqQdaOXDL12NefiFp0XKnuUH7G_BDjp6vFU2J0VFO8Of7C4qDvJ4cHEpQmEFH1fnVZ8w

Domain: api.shrslink.xyz
URL: https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shareus.io/	1970-01-20 23:04:48	Name: shareus_visited Value: true
.shareus.io/	1970-01-21 08:40:47	Name: _ga Value: GA1.1.1380570129.1724687441
.shareus.io/	1970-01-21 07:50:23	Name: cf_clearance Value: guYaoeWvfCcX9wlWm53pfGU.UC6.rgK56uJYW0GQwbE-1724687441-1.2.1.1-3KYmqKz0voY5X842wfsLloI6oz2GtDhKNOcLA_LkGdk6KvN1.Zb7XUr9kwOKLgS7YNYRcDw_WSOcKjgqXJyqPjIeOhVLs2se21vHj5y4o2JaI2w.YRYpRMjaAPehlGk91stu8vejzq76Oup48WRCpwDOFDGZcBBDIyhs8t3ssVatQMAaztsIFGevBQqFII4mqjMuSLOk9HtO4cRWaOwH1XOdBTdykEcutJ9jmFjv.xLrEuWfzkIQ9L3IVoEBXMWEJk7.7gCf8dZ9NfYz2vUewSRaS.hW0sM0M0FrpqZ4QNmj.IeX7z98I0z9gFos9gGXkfgk2Lfxw20eWVD.JCwBktM16qtcyuh6UbI60jjVsBTWJFp7TX7BrlPjrZEyLIBf
.shareus.io/	1970-01-21 08:40:47	Name: _ga_WYMKN8FLPH Value: GS1.1.1724687441.1.0.1724687442.0.0.0
cookad.net/	1970-01-20 23:04:47	Name: shortid Value: test
cookad.net/	1970-01-20 23:04:47	Name: shr_cp Value: 1
cookad.net/	1970-01-20 23:04:47	Name: shr_tp Value: 3
cookad.net/	1970-01-20 23:04:47	Name: shr_sid Value: 66cca451426971f82da5ac82
cookad.net/	1970-01-20 23:04:47	Name: shr_tpp Value: 3
.cookad.net/	1970-01-21 08:40:47	Name: _ga_W0EJLK80ZD Value: GS1.1.1724687446.1.0.1724687446.0.0.0
.cookad.net/	1970-01-21 08:40:47	Name: _ga Value: GA1.1.843757234.1724687447
.cookad.net/	1970-01-21 03:23:59	Name: __eoi Value: ID=483a80b8a1418f6d:T=1724687446:RT=1724687446:S=AA-Afjb9okKwA3VYnT4jaA8zulSM
.criteo.com/	1970-01-21 08:26:23	Name: receive-cookie-deprecation Value: 1
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://shareus.io/NycQRb Message: Access to XMLHttpRequest at 'https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82' from origin 'https://shareus.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cookad.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://cookad.net/avoiding-common-banking-mistakes-what-you-need-to-know/ Message: Access to XMLHttpRequest at 'https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82' from origin 'https://cookad.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.shrslink.xyz/report?sid=66cca451426971f82da5ac82 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6279a412be6ab0ad18a77a3cc0d0992f.safeframe.googlesyndication.com
api.refershareus.xyz
api.shrslink.xyz
cdn.jsdelivr.net
cdn.taboola.com
challenges.cloudflare.com
cookad.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
injectshrslinkblog.com
mercury.phonepe.com
pagead2.googlesyndication.com
redirectshareus.xyz
region1.google-analytics.com
securepubads.g.doubleclick.net
securepubads.shareusads.com
shareus-cache.web.app
shareus.io
shrs.link
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
unpkg.com
vidanalytics.taboola.com
www.googletagmanager.com
api.shrslink.xyz
cookad.net
pagead2.googlesyndication.com
104.18.94.41
104.18.95.41
141.226.228.48
142.250.185.130
142.250.185.194
151.101.193.44
151.101.65.44
172.67.141.86
172.67.147.50
172.67.156.180
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
216.58.206.34
2606:4700::6811:4cc3
2606:4700::6811:f7cb
2606:4700::6811:f9cb
2606:4700::6812:ba1f
2606:4700::6812:bb1f
2620:0:890::100
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a02:2638:3::c
2a06:98c1:3121::3
05885c0c6ab7e0a2ffa24475b60ddb36191f7bbf66fd4d9ece06b624333a541c
13335432311d4f03ef0e79d978e62f9a8691cab7633a6ed90804651dca6e7d02
1354573b35f5400574520e3fffb9f4b9a30920de53901263a6d30243604ee7eb
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19ce76c16750fa1c2c2575e130db72af79cc066e83e07318c573c8cd6ea26b30
1bc741f7e4c28b38fb6f193b8e5601c0510e72d600cb243b9721516d7fda9836
1d49bb711dc02e9b38889229ecf44072b7c6eb4790fd58e21caf546600f3e608
1e31d681db75c3f5608a8ac0f96f1690a5a56d2268fe1154929f24b2230d657e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28e086d2417e19289a6f7101566b1a63f58f86f2647a32c84c7bd3b3cc73b06e
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
2bc1a48a44cebfe7fd42b614ad69fd89997fd669ff45336fe98204a0dc0a2229
344ea822c96c059518ade296bffdb2b70d98a3806276e59d1bd8a207803dd014
406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2
4952430bb283352795e98ae8896e5228ae8377beb066a458987ee00343c7a856
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4fe780ebbb0584bc3d484ec52f0463f57992a2b130dd395af016443c909c39a2
50cfc2943d025a8735f0920ede3c1c5adcdea5cfe735b684580c4d835a296f01
5545e58947464e2d01a7b14b3e84d0005fc0fd8ea60cf48385fbaab9a74ebca5
55bd3938342a6236c45cd2d85734190cf1bbde320d612492db8e1f98c6d91f8d
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e97a841678fbbfc045bcdcaa68482079d0af10aeacc9ca993a443fb3036876
620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
85176212bd2a32464eec9a179260275e6af1872fde4b6eb6fec9ecd61a48fa32
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e797cd34721d39d3b6ba0e571c9c0b75089a2cdeb29327f9f4aec45a272095f
8f1b95798132bfafc504b1160c3dc01118a9fa034812f5c4cdfb57df13c9b7d3
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791
a5740cef2895ae9b61ebe7dc5f5d8af0b21f238c7f54c95664b82750891b215b
ab69eec32bbee575b160493986ad1167f5a7bda42bed7c2672fd417a4bd05c82
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b1bc53033d3cfc5f7c22af24a9512f3ff21170b8b500ed0ae7e5bc8cb1bb8ac6
b52bfd72a0a8f321e2f49bd172bcd4f01bf14dde6416317d05ba15e5d1dd8f42
b7e75d3d8418058e7e7cbf51ec573d8623a81536b79e46c669c83c3c58456e0a
ba2202db7bbb19c0644897852dd490c30978ebe9cb8bb5428acefa7c22b31bac
ba87fd0f6658e2b13ab352f23ab3ac5b53a68b98ac504d436b270e9dc27a04c5
c092876c1dea1825076fb572d07776f0bc28f2e6db4beba58be79190cee27c8b
c7dd144163721cef3b11282607dffe203646a44ac7275874c7fe09669f76ea02
d225ae50999ddc18aebe16fa9a0e12005636f3bcf1ff1452b0ce922d216ac14c
d3ca80516a1859decc358ee9d2051652ae6518296317479f6d9f28d817e8b2e6
d436a8f3a563f0ba03a5f140a064635e43178d2599c02d373e3075739f09fd97
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db7af7c20cbb8cb9d6f1f326fab0bebdb15cf34d7ec285249e9fce7aa9f721da
dda47caa7aa440919ec9c047e4d9969e5cfbec9fad6def3320930882f01f667a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8
eca5892eff7f0fec449b846ab5c768794ef717d80ac6b76885b75e6bb80a14e2
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c
fd0a76f940283904cdb52ca14c57b451cd5277dd991967adeffc7aeb57dc8dab

cookad.net Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

92 %HTTPS

54 %IPv6

22 Domains

28 Subdomains

29 IPs

5 Countries

2181 kBTransfer

7346 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cookad.net Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

92 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

29
IPs

5
Countries

2181 kB
Transfer

7346 kB
Size

14
Cookies

100 HTTP transactions
2 data transactions