tivify.oglcn.com Open in urlscan Pro
2606:4700:3032::6815:5e31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tivify.oglcn.com/
Submission: On December 23 via api (December 23rd 2023, 11:10:33 pm UTC) from US — Scanned from US

Summary HTTP 67 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 67 HTTP transactions. The main IP is 2606:4700:3032::6815:5e31, located in United States and belongs to CLOUDFLARENET, US. The main domain is tivify.oglcn.com.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.

This is the only time tivify.oglcn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3032::6815:5e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	162.0.215.195 162.0.215.195	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:303... 2606:4700:3036::ac43:db36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::8a	() ()
67	14

24 2606:4700:3032::6815:5e31 (United States)

ASN13335 (CLOUDFLARENET, US)

tivify.oglcn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.215.195 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server305-4.web-hosting.com

codeff.mytop5.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:db36 (United States)

ASN13335 (CLOUDFLARENET, US)

regedit.pyick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c08::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::8a (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	oglcn.com tivify.oglcn.com	5 MB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	72 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	12 KB
2	gstatic.com fonts.gstatic.com	61 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	google-analytics.com www.google-analytics.com	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3043	656 B
1	pyick.com regedit.pyick.com
1	mytop5.club codeff.mytop5.club sorteo.mytop5.club Failed	42 KB
67	11

	Domain	Requested by
24	tivify.oglcn.com	tivify.oglcn.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	tivify.oglcn.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	tivify.oglcn.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	tivify.oglcn.com
1	www.google.com	tpc.googlesyndication.com
1	s.w.org	tivify.oglcn.com
1	regedit.pyick.com	tivify.oglcn.com
1	codeff.mytop5.club	tivify.oglcn.com
0	sorteo.mytop5.club Failed	tivify.oglcn.com
67	14

This site contains links to these domains. Also see Links.

Domain
instagram.com
es-co.wordpress.org
www.candidthemes.com

Subject Issuer	Validity	Valid
oglcn.com E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
codeff.mytop5.club Sectigo RSA Domain Validation Secure Server CA	`2023-10-07` - `2024-06-07`	8 months	crt.sh
pyick.com E1	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tivify.oglcn.com/
Frame ID: 75D02C87D6ED8566F7E12173CCA22BD7
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 8C6FAC51CB75525F544E4FC8121E45F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&adk=1812271804&adf=1573534164&lmt=1703373028&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027800&bpp=4&bdt=645&idt=324&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3042842189116&frm=20&pv=2&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: D6C82C6232CE92E4ECDDAD95AFE549EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1974709217&adf=3025194257&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027804&bpp=2&bdt=648&idt=363&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Frame ID: 6D0999D1342BE05AECDF889BA5A17C93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1954423807&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027806&bpp=1&bdt=650&idt=374&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=1351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=381
Frame ID: 76ED5C76C2AE6C001095F2B14D497A72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1070288722&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027807&bpp=1&bdt=651&idt=385&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=2123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=390
Frame ID: 32DD1D21B9BB281D2C49D25CAD844009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=3921590319&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027808&bpp=1&bdt=652&idt=392&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=397
Frame ID: 34291380010F568742328F2796756D63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1183607552&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027809&bpp=1&bdt=653&idt=406&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=4105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=425
Frame ID: 4C1A87C0EAA456E59EA304C6E351B283
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F418ADC17CBD7948B113770A25F8875D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04BEFD162871C8C1DE5887F83899E16D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tivify – Bienvenidos

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

1
Countries

5583 kB
Transfer

6822 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/pablo_egv_ofi?igshid=MzNlNGNkZWQ4Mg==
Title: ¡Hola Creadores De Contenido! ¿Están Buscando Trabajo Y Desean Generar Buenos Ingresos?

Search URL Search Domain Scan URL

URL: https://es-co.wordpress.org/
Title: Funciona gracias a WordPress

Search URL Search Domain Scan URL

URL: http://www.candidthemes.com/
Title: Candid Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tivify.oglcn.com/ 155 KB
43 KB 282ms
204ms Document
text/html 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8edbd8345d3ed91474f3c8e98c1b505aec4cc0cd9764a49e21be20f40a2a6871

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83a447282e75b3e0-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 23:10:26 GMT
link: <https://tivify.oglcn.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z8HL5g%2Ftea%2BxVksZTK62ZKm5UPcmesEdgcrIiiAhyGPGgqQhIBSXiR9Tg%2FPWceDU%2BtIQ4aaln7SsugAM1r64Z6%2FJHJ18iZ8lx09VLkPymVTvRnU6ZrLCw0NDl%2Bd2nHpuQZr29v%2FEXEwuQ0WSknY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
tivify.oglcn.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 50ms
45ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:36:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 296459
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baTd8%2B3yE7Sb60p2xhVrB8ad4TP2GdsRODjiVBlAuENswX8O4KglhQl41S%2B5royr7JwOarOoiOkdKVqnZaDzKKlPUQCNQs2h84fo3hfSnKt%2BQ3OKLSb25rLJx2qlhzJD6pE95S9d%2BW12cj0ZS8sN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebbeb3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 12:49:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
934 B 185ms
72ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.2

Requested by

Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e8d94d8bc2dc3d397d5a98f49db64b97f54f1f184540ada8f82d6d4fc5cf426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 22:58:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 23:10:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
672 B 189ms
76ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=6.4.2

Requested by

Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 23:10:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 23:10:27 GMT

GET
H2 200 font-awesome.min.css
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ 30 KB
7 KB 47ms
44ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 444638
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCG0A2fS83PjNuLKd7gB%2FVcs%2BWzbvfAq2QGQ9whC%2F%2FwrKnaftmJU%2FEzsCIx2uvUiGp9Qa%2B9a%2Fr4zQdjGuSV2ltCWNNkZZaMDHLkINfVYtINH%2FrIuKvxCzy3mukTv4emxCwBDpu2IRRbmqKZ1Oy0G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc1b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Dec 2023 19:39:49 GMT

GET
H2 200 slick.css
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 2 KB
830 B 50ms
47ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103258
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xKld0d1MJ%2F8AB%2BY8C5GgHhte6dEtkAaJBb1yIIRuAopQsKqHg3tRBXgv84k0LjjBeDfkMT8NeuSY81NyC%2Fuq8%2Bgo4FT9uqzrX%2BonKwVNqjMuHOvZgmDGO9%2B9tgTAU8DVG%2BjhkkhqbGXAPNjhBNR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc2b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 18:29:29 GMT

GET
H2 200 slick-theme.css
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 3 KB
1 KB 45ms
42ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 207914
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3ccRbp2x2iKuV6fMDiS2j0%2BmYeYxaPjBAyT1BmCzzrGNGvP9ev9A8Fji4yYXedzB0GGLwkFEXP4h0OiDxt02GmQ%2FzssMQtdq43Sv9UvP1TojDTF3lIAiu48z8TtgqyQ%2B1HJ1C1fNaubX%2FKISony"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc3b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Dec 2023 13:25:13 GMT

GET
H2 200 style.css
tivify.oglcn.com/wp-content/themes/fairy/ 103 KB
19 KB 54ms
51ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/style.css?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 444638
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgUyDBa0t330MQmoCs36e%2Fb7aJK62mFIpibSIO8LNggAF186o2ms6aiw%2BuPY9iikwNPwpnDGbKuYnqjSdLmiu1k5GJafKi1HxGXHrDR3AkScWuXwQbZmfDhnHJ43TnNM4O3kvK9FfA2bjxvtWr6k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc4b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Dec 2023 19:39:49 GMT

GET
H2 200 front.min.css
tivify.oglcn.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 42ms
40ms Stylesheet
text/css 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.13
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:20:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103258
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkS1lcW6St7JxAYq0WjTppRn6CkLDlFcTX%2Fz6pQWMO6U8ShIb2m%2Buz6S3AQNIPOBkyhS%2BbAlMlBRIh%2FKX%2FQ78sYh1dokIzqtQbdEWEdL9WtfHSzZMVdKvB%2BB%2B1mWhdJypvhVxii292oXA8QNMt2z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc5b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 18:29:29 GMT

GET
H2 200 jquery.min.js Show response
tivify.oglcn.com/wp-includes/js/jquery/ 86 KB
31 KB 57ms
56ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:36:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 444638
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nmvCcvxnOgv1OMOB3NoTLl6L535ZOaBeEvqNdlpVE2lmP45FqY66l8wmcWvgl499c7dFsWheJJN2ZHo9HAR4ORPc186mirt%2FDDn3UuBll6sOgXb8fW9vOuSmbhmP5CnFAchieHpx7u%2BJRxnJrIh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc6b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Dec 2023 19:39:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
tivify.oglcn.com/wp-includes/js/jquery/ 13 KB
5 KB 51ms
49ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 444638
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jT1sdik9pXOyVnYKP3bNhtJ01CStJb0LbEvcZWTwKfM82e5lCJjAIZ%2FQYN1X8AEliIt0kKkYBXXCpUvL2ogyVnQ51nQ%2BESlDJOakfuVDtgTodRrUNYFBiJ6kHdHmd%2Bn2jnw9pxyjyPo68ysrAXs9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472bebc7b3e0-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Dec 2023 19:39:49 GMT

GET
H3 200 front.min.js Show response
tivify.oglcn.com/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 102ms
94ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.13
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 15:20:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hV2mL6Ksr%2FhMSYH6eqnoxin6na3Q7l0ymHC%2BBDsX0ODNTuhSykdnuze%2BhRoRk4ZfhJmr8gCZ2sLqp2UBNLQBqiY4Wkap5TAMRg2gRMrX3LZ5hmUbBRQHb0Ddb7tgjAnvVDdvi%2F9mRYQ8IAHbAAR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3acb4c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 310ms
74ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7623777353958129

Requested by

Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

955a2889eff573766367ea81d3e21cc4e36a9ce9c20fd95ef27bab656436e34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Origin: https://tivify.oglcn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51282
x-xss-protection: 0
server: cafe
etag: 4891403612070942925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 23:10:27 GMT

GET
H2 200 Captura-de-pantalla-2023-11-09-170938.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 963 KB
964 KB 458ms
457ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170938.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c4c9f0784549954b7565ff4f72f080ddfa1731b8c0ebe27acaf6e9783184b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdrNx%2FP5KRB%2Fu0Lyq6W7T2ua%2BSkA9Uv347At%2FiQlOP9jLZXp%2Fjj38XgsMEh2w%2Fpar9DZQRj7VI9ghWycEO8JTc4PSyRhcZHQ7HaCqx7q1P6eB17LW3vfD9a3Zuk6vBcUbtMM2oNlhoJ3rfpj%2BuUA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472bebc8b3e0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 985706
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H2 200 Captura-de-pantalla-2023-11-09-170821.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 936 KB
938 KB 453ms
452ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170821.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94c324812a929a25c66e3dc82d4864450b8beafd5d61fb12ecfbd94664cb3dd6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bh2OvNv5WkkNMRVrL2XKUbUnZLAqx9mmsqBnE7y3uGM57%2FDbBfXN0HNVonePGV8qafQe3MRNiz2cGZLvO1kUDtb55ftxY2S7FElhx7EjwKM8LTiJbBQCfKBlxyHkvB8SfgqC%2ByurCgpGjnl94YD%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472bebc9b3e0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 958638
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H2 200 Captura-de-pantalla-2023-11-09-170655.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 947 KB
949 KB 529ms
528ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170655.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4591005a3f67403c6e7b47c8c0d8a60817f35b8a94ef49f405b43938af01cdf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRAzi02TgPF2wvDscYXqbgEjaiJmt%2FMA63Xo%2BtnODUj2RCPxKimLMtmgxVlA8O2EmQ7lIujm5fGg8lbKunAwyzFpL736GjcjuBXGZEj5yxYxG17P9sDVJyI%2BEouxoWUkbUj3DeY2fHvVxsMrL4IS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472c0c0bb3e0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 969915
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H2 200 msg6033716491-11268-1024x282.jpg
codeff.mytop5.club/wp-content/uploads/2023/06/ 42 KB
42 KB 475ms
184ms Image
image/jpeg 162.0.215.195
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://codeff.mytop5.club/wp-content/uploads/2023/06/msg6033716491-11268-1024x282.jpg
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.195 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server305-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: aeb28ab5650732a86c12b4f9e61de2259d887b022b2f351eb8af1fc978d93d04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
last-modified: Thu, 15 Jun 2023 15:14:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 43016
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET photo1687799155-768x1024.jpeg
sorteo.mytop5.club/wp-content/uploads/2023/07/ 0
0

GET
H2 404 instagram-6338401_640.webp
regedit.pyick.com/wp-content/uploads/2023/05/ 0
0 428ms
193ms Image
text/html 2606:4700:3036::ac43:db36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regedit.pyick.com/wp-content/uploads/2023/05/instagram-6338401_640.webp
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:db36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 navigation.js Show response
tivify.oglcn.com/wp-content/themes/fairy/js/ 3 KB
2 KB 45ms
36ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/js/navigation.js?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 80122
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI8hZLa7tOXEhk83la9Vd5oEH5XjxC1iarbTEXagrHiGw4vQ9u4CXKoKekR%2FtRHMIp0tI7G7SvIoZ6ywdpzG%2BCplA1LcKgH56OfunrkasnqEGvoEyyvwbdNC8k1hWYNTq3bJvD7%2FBb7JlfKDfxLV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3abe4c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 00:55:05 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 16 KB
4 KB 47ms
38ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yj%2Fu0gYADXIZTNlS1Olk8Jiae%2F3hul94Q5GZ%2BcLccpqinmrzufs5o1UOA%2BeUWG%2F3%2F6xXP%2FSdATZJzaJ7rR7JG7RRhZO4nCgv%2FUGz29OVOMYaHvdoFtuH5Qf7%2BXDzKhGrzs96paQKsZcyIq9b0Xc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3abf4c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
H3 200 slick.js Show response
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 90 KB
16 KB 78ms
68ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c95I%2FPefoDqTDufrPCcwXy6u8078tAM9Y4SzL0ERjxNQt7xIgwSgeBFuCn9g8wY706N2DrDxptFYIGg9eTOlQwwIciRlUTDtp0fDmCMAHGQ2mTj4a8ZK6vL9GNGn1QGsrNjGAwk71hpr83GgtGZM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3ac24c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
H3 200 imagesloaded.min.js Show response
tivify.oglcn.com/wp-includes/js/ 5 KB
2 KB 81ms
71ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:36:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO96bcTXQDG56RKSFnG5Dv4ILofqd%2BlowH26KK8Db1VbO95%2FtYFpJT7K60NWwW%2FmO79706ep1axoaHGxlpYDJUCPDdXSfFjDGjDOMCWyn6mV7KtZJdD8BLtPRbh3gCXRMs6gmgmC%2Fcj%2F2sdrxbT5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3ac44c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
H3 200 masonry.min.js Show response
tivify.oglcn.com/wp-includes/js/ 24 KB
8 KB 47ms
38ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql1baoAeBQ7nQgHRtE8clKN3%2FLWkSWqYdZ9MCbTulHjUicAgruZSFaEC6q6puZEvmIFdn3KBVihBQsLwQunm25kjhq9eKUumJTgmjPALktCk73laLICs%2FteCO056D1p5OKOmGEkl3hjQ9vnw1SN6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3ac54c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
H3 200 custom.js Show response
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 7 KB
2 KB 46ms
37ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16351
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UfWLi%2BM8qD%2FYwea2PalXRsbs7Qfyn%2FRoqHAb33p6IG4emk1dwQ%2Bhp%2FKKaWi0dSNUxBbOwXa9LIgxL7M48Wjf03cpdIcl4tAc8hWWrWgX8FUPIoiV%2FkFEGYNhlNOrp13iJMuILHhDDh58zSfvCeK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472d3ac94c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 18:37:56 GMT

GET
BLOB 200
OK c37b0cd0-80ae-4aac-85d1-b5758a3b2b0d
https://tivify.oglcn.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tivify.oglcn.com/c37b0cd0-80ae-4aac-85d1-b5758a3b2b0d
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 328ms
115ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tivify.oglcn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:14:50 GMT
x-content-type-options: nosniff
age: 402937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 07:14:50 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
33 KB 265ms
52ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tivify.oglcn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 05:08:42 GMT
x-content-type-options: nosniff
age: 410505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 05:08:42 GMT

GET
H3 200 fontawesome-webfont.woff2
tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ 75 KB
76 KB 79ms
79ms Font
font/woff2 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tivify.oglcn.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Origin: https://tivify.oglcn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80122
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Wed, 08 Nov 2023 15:37:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9%2BTbcAGJnnq4ASvgfBKpKtbOfh6gFImDnsozR2TAuTNTxOkQx0toZzah%2Fg6qd1lo7Yza7gosip9mwWDrLLqZFzneBbLo1q2ThJlE6VChsXJXdYA7KrDoQ90oJypKXaHY%2FwVQ4MfJlcOvroOa9Pw"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472d5ae94c2a-MIA
expires: Sat, 30 Dec 2023 00:55:05 GMT

GET
H3 200 Captura-de-pantalla-2023-11-09-170506.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 425 KB
425 KB 489ms
488ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170506.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ef9244ac753b2a3e37a0c16e7704d058c118c698951c5af89cf4d54249f118c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il0uHHLrzWvwuSE%2F30%2FBiZpwFFbNeLhgEfS%2F9hqfsNQ92npl0DQHlYR2uYH24mSM0xa2rafJljXzgrEMEnM3q1oYYV8ONmHSUQefVkjkNl88sjcYfagm3SPrQQie%2BteH8L6QdJ4LFB33lPcqfQeX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472d9b2d4c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 434797
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H3 200 Captura-de-pantalla-2023-11-09-170355.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 1 MB
1 MB 494ms
493ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170355.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a38a3ae68704cefa1bc7e043b61fe8f8c904b986caf2a0abf7eba92cca317d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4WhOH9LnzvXVqyBMPOzYm0LyXW2bl7d4IDyP%2BgMCMw%2BGMB1jveKl7j8RQcd84Uqpx2SxhqTfYIFMOvlPwqvTdivjtZ2LYCUt30LcpPuToe713CVIZ%2Fz6r%2B7mpxon8mIYfHaVun4G%2F3xoLjMmBLZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a4472d9b2f4c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1086549
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H3 200 wp-emoji-release.min.js Show response
tivify.oglcn.com/wp-includes/js/ 18 KB
5 KB 201ms
201ms Script
application/javascript 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tivify.oglcn.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 11:23:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21CltzqOkJW7waF39vLiau2RIwKp%2BcIIbWgmAyKA4whQEMaBpwRo00cWeuC4fskcQjIPUmgrE%2F%2FU2%2FvVCew2cbPiGW188gUYMATCljIXYOrYoI4ta%2Bhrb5OwhtgS7UQ5Gpw%2BmtNyR08x2NKBV3RY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 83a4472ddb6c4c2a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 23:10:27 GMT

GET
H2 200 1f447.svg
s.w.org/images/core/emoji/14.0.0/svg/ 558 B
656 B 81ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f447.svg

Requested by

Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 192ms
86ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7623777353958129

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1305020384322512277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 23:10:27 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8C6F 9 KB
4 KB 166ms
52ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7623777353958129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 59127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 06:45:01 GMT
etag: 12700215250743596434
expires: Sat, 06 Jan 2024 06:45:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6C8 11 KB
5 KB 218ms
211ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&adk=1812271804&adf=1573534164&lmt=1703373028&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027800&bpp=4&bdt=645&idt=324&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3042842189116&frm=20&pv=2&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=362

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7359a991090229edf24f41c5c42b67f3a9db4cdd82d0e607887087f0f1c1a703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4782
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D09 714 B
527 B 264ms
251ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1974709217&adf=3025194257&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027804&bpp=2&bdt=648&idt=363&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38d016bd3a195000b271c17d05b27dad99f73d03537acb2628dd933e1190d523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76ED 714 B
527 B 234ms
222ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1954423807&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027806&bpp=1&bdt=650&idt=374&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=1351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82aa5e9b64025f0e68c4615626b46b973bd4f53efb8655f96df991aeff75688e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32DD 714 B
577 B 195ms
184ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1070288722&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027807&bpp=1&bdt=651&idt=385&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=2123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f0a0d1a6b2d0f12b22bd637aae73933b76419cc86fc4f10a155188cb810ce14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3429 714 B
530 B 234ms
224ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=3921590319&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027808&bpp=1&bdt=652&idt=392&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=397

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60427a5a45a155b13e5ab872ec984dc629cc36ec1a7c8010babd787eed832231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C1A 714 B
531 B 221ms
211ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7623777353958129&output=html&h=250&slotname=2638906163&adk=1088523179&adf=1183607552&pi=t.ma~as.2638906163&w=300&lmt=1703373028&format=300x250&url=https%3A%2F%2Ftivify.oglcn.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703373027809&bpp=1&bdt=653&idt=406&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=3042842189116&frm=20&pv=1&ga_vid=891506335.1703373028&ga_sid=1703373028&ga_hid=227000633&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=451&ady=4105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C42532598%2C44809005%2C95320884&oid=2&pvsid=2219617598190905&tmod=579489601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=425

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fabae794eaefd7801c031a9ad882b6105506e3cf7c08f24b557338c1daa842e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:28 GMT
expires: Sat, 23 Dec 2023 23:10:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Captura-de-pantalla-2023-11-09-170139.png
tivify.oglcn.com/wp-content/uploads/2023/11/ 500 KB
501 KB 205ms
200ms Image
image/png 2606:4700:3032::6815:5e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tivify.oglcn.com/wp-content/uploads/2023/11/Captura-de-pantalla-2023-11-09-170139.png
Requested by: Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b893f243a43217f75ccf701c7d93ea8e6da97b52a4382ed06629e5852e755b5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:28 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 22:02:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu%2F%2BUk1fVrqtqw8YQH19O1U4rGXEPRw%2BZ%2BhnxGH3nGbgfCUhQeBrZDsg0fFQbDcPCPnyE%2B42dUBdpoQoCEv5VzimqveCKgvltp3UxobcclSBKyljxvd9UMFcYU85BoCby3qjfoLCg8bgL87xOFWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83a447358d8c4c2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 512353
expires: Sat, 30 Dec 2023 23:10:28 GMT

GET
H2 200 ca-pub-7623777353958129 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 218ms
92ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7623777353958129?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

095302a5621d1d948d0c6fe4ba0c498a0bb8bcd9c8bc1e4109a7657d09270c6f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eHuUx8lDECPt5P01o_vS5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eHuUx8lDECPt5P01o_vS5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUODF1luZQJdsQmA9EEbxw3Fc_gS6T3Xcrw8_PhACf3GsFAcISZ8mLqAXFpJpBTqsbzhjq89p00ivTXIBzJcL1J-JUJeX7vDyXZcnIz2rOxdoqKi-vO4BdOL_LZtKu-YpqLxH1-4Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 83ms
82ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUODF1luZQJdsQmA9EEbxw3Fc_gS6T3Xcrw8_PhACf3GsFAcISZ8mLqAXFpJpBTqsbzhjq89p00ivTXIBzJcL1J-JUJeX7vDyXZcnIz2rOxdoqKi-vO4BdOL_LZtKu-YpqLxH1-4Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMzczMDI5LDEwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aXZpZnkub2dsY24uY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5120af13285122b1f2bc307e120f0d0878c5b85d3536f841c466ecc429e1e365

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IemBtsYWmPLPuLlzEloj3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-IemBtsYWmPLPuLlzEloj3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXCVQkVMoFPj_HiNb9LI2Ms384tjnvDI7agNkr3aPtn0sFd7lm5zZS-C76RytZvzUl9CkUu2ilDZWjWyZ4qXKZr9qc9NJPwID8eXU7B6VTfMpCkBs2HXxkw2opFcpoIsc8phLHtlw== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 97ms
93ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCVQkVMoFPj_HiNb9LI2Ms384tjnvDI7agNkr3aPtn0sFd7lm5zZS-C76RytZvzUl9CkUu2ilDZWjWyZ4qXKZr9qc9NJPwID8eXU7B6VTfMpCkBs2HXxkw2opFcpoIsc8phLHtlw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMzczMDI5LDE5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdGl2aWZ5Lm9nbGNuLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51ab389d85c394fcac340a3a90db4ab27254c0e1f1633cfb9898496b2c847739

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N-fTHZEPwZJnVLKQYRNZGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N-fTHZEPwZJnVLKQYRNZGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
71ms XHR
application/json 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e36025383e4fe66680fa0dbb8bde18b9ac8948ba9eb8572f54551ea65b8740e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12184
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 165ms
60ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 23:10:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F418 13 KB
5 KB 54ms
52ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 22:07:21 GMT
expires: Sun, 22 Dec 2024 22:07:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 04BE 829 B
1 KB 177ms
66ms Document
text/html 2607:f8b0:4004:c07::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7e788895e6a5d820f5aec4a61eadc5446dda7b60646c336e55544cac2f5f491

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBQ8Byplq-MU1Hr29fXwpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tivify.oglcn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IBQ8Byplq-MU1Hr29fXwpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 23:10:29 GMT
expires: Sat, 23 Dec 2023 23:10:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F418 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 17:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 17:59:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 04BE 0
0 67ms
66ms Image
text/html 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2219617598190905&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F418 0
10 B 71ms
70ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RmPCGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 73ms
72ms Image
image/gif 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.758029480087129

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DrMfyuQ2-vO_gJFtAh3VlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DrMfyuQ2-vO_gJFtAh3VlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 77ms
76ms Image
image/gif 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.0880538165906444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-dSjtqPsENjXBbKfqGoCEOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-dSjtqPsENjXBbKfqGoCEOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 176ms
73ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oCLm8Z4KZWvnqx5SdrrL0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-oCLm8Z4KZWvnqx5SdrrL0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tivify.oglcn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2219617598190905&bg=!QEOlQwzNAAY3kmNgF5I7ADQBe5WfOJygAkFsiV_QLK8PwmdeInpFFgpNuPY5Iyt0r25fVCecF_tYnft6uRDTWxsL8uHNAgAAAM1SAAAAA2gBBwoABZd3_hhLmQLqHzZep7yDtCL29to509U-0FpvjxNbp3WfQK2VoCEMG8fLmEtIILb1EQe4dNUqTUtON7wjZGhBz_Jl_KP2kgKm-N2fmnHVt8mpzwo3HzbFp97lHTT2kZ995EJX8oVwzlLFZiKds4NA4wRNFOSYWLT_gVBCvdCcetIu-j15MyOzEPXARY1jU2H8pqiJHvtf-hKdHobIthCQaO8GMNF7Ym_WTnlSv2HpNEZfmo0_x0p60CpdFwI2_U8k51Cf3qD4wx-plGQbfkSk0FmbB3n5xc78Lz6Q2VbO66HZtZ13PUF0URJW4JyhiJdG55q6TIJpZSnyQVn2hPAHzLdOUnA8416UAuVtFe-unQ2YqFXY3Gl0omjkcOVO6pkmFCKhIMZJHfgupWUX_dli9Pj13Hi9MxLm0O43xJ8xCapXM-9VcLdXwF_9fD8XeeXxm0oSQOylYLXh9ZQUg_0ofXq2DpWugX-tfFHfzFDALkVxnrxU38EFr5wXj48Dr1LzekhDQFguFBizrYIBRSlxNRYWdUgF6qBZb8i5Y70Shry6wZTGoCQslTgvewHfLO0BYm2Yq-IoboX5KaDU_Mp6xHKCOQ9dF1AIwPPLWsF4Pv4DAMUVIyruKIIZfkFmbS8UIEDIJaarM8O9LCmMfWFLwgDLV2D3AnHWmb-dL0Wj6PHh6gXDffivAG2wFYWZj3Oa9qaCZiDOpTLBmoC6gIeYaIKWCy7SCyltggnW-I5NG4axUNj6rHPm-IPFKtt8ePsBduBlJy5SP1vePEVdMZVtod4MPjhTSzbN5At0eAMj7DOfgLUe_ngmI-0sIDTifQ52Xz1ESECNAmSejBdGXflbf3WC4FZLlbnGt-4mNWGkouJarVVo5q5WJHcI03LMOP2_WaZJmpy9rsRqtKxtDNJ7yPDId1c13rUt3qHtzQxYasLX0c9cOYctNUc1iC7-_hGWTLcQcmXMvVzJkIsmpZevo8NseeAqpKUVfWtPRcjOts3_PJc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ads.json Show response
fundingchoicesmessages.google.com/f/AGSKWxXV9tg9kwNHTiVwGNSfKyngo5oMF9iGRgIem7nsvthgD6zK2_QEE_VnWZFsJ1on2IUGHupjK7nqWUGnYRNZZNzIpI1uo7CZojFhsBxgPrA-CC64QCxYMen73K9gl0ow58RIjqul0FCHl8WfVaUUmxNzXABW8... 54 B
107 B 82ms
80ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXV9tg9kwNHTiVwGNSfKyngo5oMF9iGRgIem7nsvthgD6zK2_QEE_VnWZFsJ1on2IUGHupjK7nqWUGnYRNZZNzIpI1uo7CZojFhsBxgPrA-CC64QCxYMen73K9gl0ow58RIjqul0FCHl8WfVaUUmxNzXABW8ltKKPFsAEG6SlkxAJUT0JxxyIghzjVD/_.ca/ads-/sidead./skyad_/ads.json?_headerad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9a56d09fd3359227ef31ee30197150286b85e694d8f2ab19283b0f2ff08bce7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--8zPV5X1IiMYckPaYOIqWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--8zPV5X1IiMYckPaYOIqWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 61ms
59ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 05:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 05:07:28 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 80ms
76ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zG6Q8EAAzmQU8x_sED11ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-zG6Q8EAAzmQU8x_sED11ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tivify.oglcn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 68ms
67ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fe-5L0Y7JZSYDZFWVMj3eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-fe-5L0Y7JZSYDZFWVMj3eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tivify.oglcn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
76ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xK1mP-KmA_QV1cMiy0UuNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-xK1mP-KmA_QV1cMiy0UuNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tivify.oglcn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
78ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZSvBwRuGB21x1fafplgoGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZSvBwRuGB21x1fafplgoGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tivify.oglcn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUY240Qr_7p5zUsiPKNBt9BKjuWwPxFXikUcFfdEpGOJIjxYm7HWR-HtHAUL-UGvFw9dg38LU4Hw0eZIWP5rf-ImJbo1bSKR9hTpG5-ay9nea_tDVFPK11FqibsonsKf6HWrjj2-Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 96ms
95ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUY240Qr_7p5zUsiPKNBt9BKjuWwPxFXikUcFfdEpGOJIjxYm7HWR-HtHAUL-UGvFw9dg38LU4Hw0eZIWP5rf-ImJbo1bSKR9hTpG5-ay9nea_tDVFPK11FqibsonsKf6HWrjj2-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMzczMDMxLDc3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RpdmlmeS5vZ2xjbi5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efc5ea78b10e57cdb3101976b8ffaa726c99c365cb060fc850d23492808e186b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EP6NDlr4cGEslgic17_RMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-EP6NDlr4cGEslgic17_RMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUnkiOuFpnoSkMCykl39Ftghd4-cynMAsKdEmVVTyWuLLQyHdZvu2mAfmWcV-h9p6KtWc38rmRFj9yKMbEdjC7c-SIWKIsBGSfGYnRq7ENyZzic0aN-YYeDAGDV4vjYsbOQLn6Now== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 106ms
100ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnkiOuFpnoSkMCykl39Ftghd4-cynMAsKdEmVVTyWuLLQyHdZvu2mAfmWcV-h9p6KtWc38rmRFj9yKMbEdjC7c-SIWKIsBGSfGYnRq7ENyZzic0aN-YYeDAGDV4vjYsbOQLn6Now==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4gSqyANhBpmbZRPD8vG9PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-4gSqyANhBpmbZRPD8vG9PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tivify.oglcn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 88ms
83ms XHR
text/html 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVeCWqaeSzAHHoEyxteRb5WP0zJSd11YV65lwXroH9BJ_LZsDW_v1tjdQ0AaNLjgTLnc8BOujPUBMd9HdVHPkuJ1LLXF5EUo5G2omk_V3yTkGvw3HExUyTee_RFGQnfC_3c6VCgpQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KFlOueDmhmane7wXpS_vdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tivify.oglcn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 23:10:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-KFlOueDmhmane7wXpS_vdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tivify.oglcn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 170ms
60ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XQN6P3C7WL

Requested by

Host: tivify.oglcn.com
URL: https://tivify.oglcn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34980261cc0ff4c392a3c119ad4a0401c159a126340d3259cb2014ff9fca0872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:10:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 23:10:32 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 328ms
60ms Ping
text/plain 2607:f8b0:4004:c09::8a

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XQN6P3C7WL&gtm=45je3bt0v9116645935&_p=1703373032478&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=891506335.1703373028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703373032&sct=1&seg=0&dl=https%3A%2F%2Ftivify.oglcn.com%2F&dt=tivify%20%E2%80%93%20Bienvenidos&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6324
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQN6P3C7WL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tivify.oglcn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 23:10:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tivify.oglcn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sorteo.mytop5.club
URL: https://sorteo.mytop5.club/wp-content/uploads/2023/07/photo1687799155-768x1024.jpeg

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 17:09:33	Name: test_cookie Value: CheckForPermission
.oglcn.com/	1970-01-21 02:31:09	Name: __gads Value: ID=29f7146e50f41a1a:T=1703373028:RT=1703373028:S=ALNI_MbGRLI7oqMK0jz4oI7qr0Mdpck31w
.oglcn.com/	1970-01-21 02:31:09	Name: __gpi Value: UID=00000dac984bdb8a:T=1703373028:RT=1703373028:S=ALNI_MauZ3a4_oMgVlypqGThiSsBK5EH-Q
.oglcn.com/	1970-01-21 01:55:09	Name: FCNEC Value: %5B%5B%22AKsRol91w-UQITCzG5MIBWYAGyGy8AwKJq9NqWC4Mh0Wi5Sy4DrmTxL5smFUTNMN-FU12CWIFwfW5hCgVAsw-ewWuNWOI0NklHrxfyRMzk506r38P10q1idcy9KJrOkH10JiJNaX40umMqbnvK6dcDuuKxJVDWaUaw%3D%3D%22%5D%5D
.oglcn.com/	1970-01-21 02:45:33	Name: _ga_XQN6P3C7WL Value: GS1.1.1703373032.1.0.1703373032.0.0.0
.oglcn.com/	1970-01-21 02:45:33	Name: _ga Value: GA1.1.891506335.1703373028

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tivify.oglcn.com/ Message: Mixed Content: The page at 'https://tivify.oglcn.com/' was loaded over HTTPS, but requested an insecure element 'http://regedit.pyick.com/wp-content/uploads/2023/05/instagram-6338401_640.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://tivify.oglcn.com/(Line 679) Message: Mixed Content: The page at 'https://tivify.oglcn.com/' was loaded over HTTPS, but requested an insecure element 'http://regedit.pyick.com/wp-content/uploads/2023/05/instagram-6338401_640.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://sorteo.mytop5.club/wp-content/uploads/2023/07/photo1687799155-768x1024.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://regedit.pyick.com/wp-content/uploads/2023/05/instagram-6338401_640.webp Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

codeff.mytop5.club
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
regedit.pyick.com
s.w.org
sorteo.mytop5.club
tivify.oglcn.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
sorteo.mytop5.club
162.0.215.195
192.0.77.48
2606:4700:3032::6815:5e31
2606:4700:3036::ac43:db36
2607:f8b0:4004:c06::61
2607:f8b0:4004:c07::67
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::8a
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::9a
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
095302a5621d1d948d0c6fe4ba0c498a0bb8bcd9c8bc1e4109a7657d09270c6f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ef9244ac753b2a3e37a0c16e7704d058c118c698951c5af89cf4d54249f118c
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34980261cc0ff4c392a3c119ad4a0401c159a126340d3259cb2014ff9fca0872
38d016bd3a195000b271c17d05b27dad99f73d03537acb2628dd933e1190d523
3f0a0d1a6b2d0f12b22bd637aae73933b76419cc86fc4f10a155188cb810ce14
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4591005a3f67403c6e7b47c8c0d8a60817f35b8a94ef49f405b43938af01cdf9
4a38a3ae68704cefa1bc7e043b61fe8f8c904b986caf2a0abf7eba92cca317d4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5120af13285122b1f2bc307e120f0d0878c5b85d3536f841c466ecc429e1e365
51ab389d85c394fcac340a3a90db4ab27254c0e1f1633cfb9898496b2c847739
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
60427a5a45a155b13e5ab872ec984dc629cc36ec1a7c8010babd787eed832231
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6e8d94d8bc2dc3d397d5a98f49db64b97f54f1f184540ada8f82d6d4fc5cf426
7359a991090229edf24f41c5c42b67f3a9db4cdd82d0e607887087f0f1c1a703
8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
82aa5e9b64025f0e68c4615626b46b973bd4f53efb8655f96df991aeff75688e
8edbd8345d3ed91474f3c8e98c1b505aec4cc0cd9764a49e21be20f40a2a6871
94c324812a929a25c66e3dc82d4864450b8beafd5d61fb12ecfbd94664cb3dd6
955a2889eff573766367ea81d3e21cc4e36a9ce9c20fd95ef27bab656436e34f
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e
aeb28ab5650732a86c12b4f9e61de2259d887b022b2f351eb8af1fc978d93d04
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b893f243a43217f75ccf701c7d93ea8e6da97b52a4382ed06629e5852e755b5a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d7e788895e6a5d820f5aec4a61eadc5446dda7b60646c336e55544cac2f5f491
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e36025383e4fe66680fa0dbb8bde18b9ac8948ba9eb8572f54551ea65b8740e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e
ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39
efc5ea78b10e57cdb3101976b8ffaa726c99c365cb060fc850d23492808e186b
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f6c4c9f0784549954b7565ff4f72f080ddfa1731b8c0ebe27acaf6e9783184b4
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
f9a56d09fd3359227ef31ee30197150286b85e694d8f2ab19283b0f2ff08bce7
fabae794eaefd7801c031a9ad882b6105506e3cf7c08f24b557338c1daa842e4

tivify.oglcn.com Open in urlscan Pro 2606:4700:3032::6815:5e31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

85 %IPv6

11 Domains

14 Subdomains

14 IPs

1 Countries

5583 kBTransfer

6822 kBSize

6 Cookies

3 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tivify.oglcn.com Open in urlscan Pro
2606:4700:3032::6815:5e31 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

1
Countries

5583 kB
Transfer

6822 kB
Size

6
Cookies

67 HTTP transactions
0 data transactions