urlscan.io logo urlscan.io
SecurityTrails logo

www.unknownproxy.com Open in urlscan Pro
149.56.254.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ny.unknownproxy.com/
Effective URL: https://www.unknownproxy.com/
Submission: On December 20 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 149.56.254.138, located in Montreal, Canada and belongs to OVH OVH SAS, FR. The main domain is www.unknownproxy.com.
TLS certificate: Issued by R10 on October 16th 2024. Valid for: 3 months.
This is the only time www.unknownproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    198.98.51.35 (Staten Island, United States)

ASN53667 (PONYNET, US)
PTR: ny-198.98.51.35.ipv4.uk7.org
ny.unknownproxy.com
1    149.56.254.138 (Montreal, Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ca-149.56.254.138.ipv4.uk7.org
www.unknownproxy.com
7    172.67.150.201 (United States)

ASN13335 (CLOUDFLARENET, US)
www.serveuk7.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
5    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
pagead2.googlesyndication.com
2    2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
9    172.217.161.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s05-in-f2.1e100.net
googleads.g.doubleclick.net
2    2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
10    142.251.42.206 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.251.42.200 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f8.1e100.net
ssl.google-analytics.com
1    142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net
ep1.adtrafficquality.google
2    2404:6800:4004:818::2001 (Australia)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    172.217.31.132 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
73 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
7 serveuk7.com
www.serveuk7.com
18 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
308 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
3 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 972
18 KB
2 unknownproxy.com
ny.unknownproxy.com
www.unknownproxy.com
5 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
29 KB
0 addthis.com Failed
s7.addthis.com Failed
44 9
Domain Requested by
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 www.serveuk7.com www.unknownproxy.com
www.serveuk7.com
5 pagead2.googlesyndication.com www.unknownproxy.com
pagead2.googlesyndication.com
3 ssl.google-analytics.com www.unknownproxy.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 code.jquery.com www.unknownproxy.com
1 www.unknownproxy.com
1 ny.unknownproxy.com 1 redirects
0 s7.addthis.com Failed www.unknownproxy.com
44 12

This site contains links to these domains. Also see Links.

Domain
www.4everproxy.com
m.4everproxy.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
*.4everproxy.com
R10		 2024-10-16 -
2025-01-14		 3 months crt.sh
serveuk7.com
WE1		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.unknownproxy.com/
Frame ID: 3B290092313D61B1DC5814E86A219BCB
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 1995B9877A03D3113989E88404906D21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1734727254&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254303&bpp=3&bdt=1415&idt=36&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=13943258699&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=50
Frame ID: 3B95B3747E46065217CF717A5BF19688
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1734727254&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254306&bpp=1&bdt=1418&idt=63&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=70
Frame ID: 795ACFFD89BC8AE3BAD3DDFA19CCE627
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&abgtt=9&lmt=1734727254&format=728x90&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254307&bpp=1&bdt=1419&idt=74&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=76
Frame ID: A5E25EDAC3AFD220595C11D6582C9E93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&abgtt=9&lmt=1734727254&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x810_l%7C356x810_r&format=0x0&url=https%3A%2F%2Fwww.unknownproxy.com%2F&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254308&bpp=3&bdt=1420&idt=81&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=88
Frame ID: 2AD3C33C882B882C2B32E5ED70C92FA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: D799DD494FAE96FF7944EF6FC3DE002F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 7409518A72125CC114FB9949BF322C91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 9A7A51DD97B73720B3CE2C3351E6E558
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 12F7E40F23332F13BCE3E81E3FBACD02
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 11CAC5305A8C101E1CFE0F4748B04BC3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D44CE60DAAF008C718F0116DDEA0C22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unknown Proxy: Change your IP Address

Page URL History Show full URLs

  1. https://ny.unknownproxy.com/ HTTP 302
    https://www.unknownproxy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

95 %
HTTPS

31 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

470 kB
Transfer

1503 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ny.unknownproxy.com/ HTTP 302
    https://www.unknownproxy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.unknownproxy.com/
Redirect Chain
  • https://ny.unknownproxy.com/
  • https://www.unknownproxy.com/
24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unknownproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.56.254.138 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ca-149.56.254.138.ipv4.uk7.org
Software
Apache / PHP/7.2.24
Resource Hash
ad2061e496ce5ff9ddfbbff55b110bbee2531b9c1fc9c04bfe9c3d80b80f9927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate no-cache
Connection
keep-alive, Keep-Alive
Content-Encoding
gzip
Content-Length
4465
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Dec 2024 20:40:52 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=1, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.24

Redirect headers

Cache-Control
no-cache
Connection
keep-alive, Keep-Alive
Content-Encoding
gzip
Content-Length
186
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Dec 2024 20:40:51 GMT
Keep-Alive
timeout=10, max=100
Location
https://www.unknownproxy.com/
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Powered-By
PHP/7.1.26
4e66f7183e413fffe85fdd81e3309c6f.css
www.serveuk7.com/public/cache/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63aa67a35f607dcc47fef68f279a36f2bdcfa0ca1d5cfabe2e3b46333fde5667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"240e-5f9849364b7f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7kd%2F0%2FfifVeungtFf9unP4Lya0eYDQOaJB6OSvFkzqRMngNjNvJlyw4fo2%2B4Z2kxPHhimCSK%2B1JVYUd1rzGIY5zqZH1KLUY1bAbwCnvmJtpIm4mGcfgGlhJK%2B%2B%2FSmmv7UOl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2109&min_rtt=1879&rtt_var=451&sent=21&recv=15&lost=0&retrans=0&sent_bytes=12679&recv_bytes=5588&delivery_rate=478171&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=567&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
text/css
last-modified
Mon, 17 Apr 2023 09:11:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5273341a5ab00c-NRT
access-control-allow-origin
*
server
cloudflare
jquery-2.1.4.min.js
code.jquery.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.4.min.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14979"
age
3317650
x-cache
HIT, HIT
date
Fri, 20 Dec 2024 20:40:52 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
27599, 12942
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21971-LGA, cache-nrt-rjtf7700105-NRT
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1734727253.920404,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29519
server
nginx
55137343e0b1d13f5684f69d24969ded.js
www.serveuk7.com/public/cache/ 		793 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.serveuk7.com/public/cache/55137343e0b1d13f5684f69d24969ded.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"319-5f9842a1fa52f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNx0Pj5yMGJpHz%2BrPyQKUEgRJCgYd8TbnWN2HGIzbs3G6P5dnfyFqNOa9Vlff0NLoIrr0E6Ssz6vche36lRIorBo%2B0CpMNWqbjwHsAkKKUIEnUh8NDkzIGrLnZJOgxV8QTyp"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2041&min_rtt=1879&rtt_var=419&sent=13&recv=14&lost=0&retrans=0&sent_bytes=4272&recv_bytes=5545&delivery_rate=1040&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=555&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
application/javascript
last-modified
Mon, 17 Apr 2023 08:42:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5273342a5bb00c-NRT
server
cloudflare
logo.png
www.serveuk7.com/themes/unknownproxy_com/@img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.serveuk7.com/themes/unknownproxy_com/@img/logo.png
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3074b84f0ce98d30742403765cc4e46dea2cf376f86bbf4d96defe99bb862bea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cf-cache-status
MISS
etag
"189e-5f975738f72d6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nz7dW8IGlVDnelfKlOax40ZgMwWuFSNiaGLKqTa4j3CQZuaTueBE80GNf%2BfteD7Q7JgrENVxkixeI9O%2Fx%2BKOhC8aH1G51Xg3LdI%2Fo6BUAQvP2QN41iZ%2BGjhFgaNBq59r%2Fblh"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2109&min_rtt=1879&rtt_var=451&sent=15&recv=15&lost=0&retrans=0&sent_bytes=5524&recv_bytes=5588&delivery_rate=478171&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=565&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:48 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5273342a5cb00c-NRT
accept-ranges
bytes
content-length
6302
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
1d123106b82a82245d70cb69e08586d4b2a1259ef095d390bcbb10ad1c186351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
6868296909240166501
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 20:40:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53396
x-xss-protection
0
server
cafe
sslOn.png
www.serveuk7.com/themes/default/@img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.serveuk7.com/themes/default/@img/sslOn.png
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cf-cache-status
REVALIDATED
etag
"4af-5f97572900521"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VI34z62yWxi7hJ2siw8DMY96J2gqRdd4ap2jojQmMSfRP%2FyorNzhjTYo2yexf3WdbPMzLPFxrqmGchzqweBBLQCanrJIzqLDcT0%2B%2B%2Be9B%2BF7gb10FwGCYTHUyu0ZTuGWjmnm"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2330&min_rtt=1879&rtt_var=371&sent=26&recv=21&lost=0&retrans=0&sent_bytes=15960&recv_bytes=6160&delivery_rate=4167263&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=582&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:32 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5273342a5db00c-NRT
accept-ranges
bytes
content-length
1199
server
cloudflare
addthis_widget.js
s7.addthis.com/js/300/ 		0
0
normalize.css
www.serveuk7.com/themes/default/@css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.serveuk7.com/themes/default/@css/normalize.css
Requested by
Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b933fba66b3db3bc0383063de816105a51044313b4a8b44690bb03e1e5e4a47d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"10cc-5f97572803e1f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMqa8aTZ5Dn7oIvJ9YZtmKjN6gKLS1Ua8wBFdB1t0lRGcZZm%2F6ATpUFe9yFJ2YDqXmtR83rBEdMA%2BinGwFeOg6ZUu0nUmdGNK%2BsT7LrjGEy873fBMkh%2BtshXM3mWvXqaXJQG"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2339&min_rtt=1879&rtt_var=296&sent=28&recv=22&lost=0&retrans=0&sent_bytes=17921&recv_bytes=6203&delivery_rate=204865&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=1112&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:54 GMT
content-type
text/css
last-modified
Sun, 16 Apr 2023 15:08:31 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5273379d5fb00c-NRT
access-control-allow-origin
*
server
cloudflare
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
age
339
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 22:35:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:35:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17168
server
Golfe2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
1d123106b82a82245d70cb69e08586d4b2a1259ef095d390bcbb10ad1c186351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
6868296909240166501
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 20:40:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Dec 2024 20:40:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53396
x-xss-protection
0
server
cafe
submit.png
www.serveuk7.com/themes/default/@img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.serveuk7.com/themes/default/@img/submit.png
Requested by
Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Response headers

cf-cache-status
REVALIDATED
etag
"4b7-5f97572ad35ae"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eiDoG7GtEV6QrI1MfwM5ME8S6pGCn9hnXvW8x763sSO%2FY8w2hWC%2BB7l5F8GNfumAzJlh6gnxOFrSa8A5181s7fWhxXsWJfofyW1FZoloXTSQcIASTAC6dpJfduSatkFTwuZl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2350&min_rtt=1879&rtt_var=245&sent=31&recv=24&lost=0&retrans=0&sent_bytes=19865&recv_bytes=6632&delivery_rate=780373&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=1698&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:54 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:33 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f52733b4862b00c-NRT
accept-ranges
bytes
content-length
1207
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
4174761130244020438
age
70315
x-content-type-options
nosniff
expires
Fri, 03 Jan 2025 01:08:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Dec 2024 01:08:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
__utm.gif
ssl.google-analytics.com/r/ 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1214762854&utmhn=www.unknownproxy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=ja-jp&utmje=0&utmfl=-&utmdt=Unknown%20Proxy%3A%20Change%20your%20IP%20Address&utmhid=1179336655&utmr=-&utmp=%2F&utmht=1734727254332&utmac=UA-29423781-1&utmcc=__utma%3D259337678.957931400.1734727254.1734727254.1734727254.1%3B%2B__utmz%3D259337678.1734727254.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1025540765&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 1995 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:11:28 GMT
etag
17661348622971093804
expires
Fri, 03 Jan 2025 20:11:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3B95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1734727254&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254303&bpp=3&bdt=1415&idt=36&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=13943258699&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=50
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
52478
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:40:54 GMT
expires
Fri, 20 Dec 2024 20:40:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 795A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1734727254&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254306&bpp=1&bdt=1418&idt=63&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=70
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44815
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:40:54 GMT
expires
Fri, 20 Dec 2024 20:40:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A5E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&abgtt=9&lmt=1734727254&format=728x90&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254307&bpp=1&bdt=1419&idt=74&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=76
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42632
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:40:54 GMT
expires
Fri, 20 Dec 2024 20:40:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2AD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&abgtt=9&lmt=1734727254&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x810_l%7C356x810_r&format=0x0&url=https%3A%2F%2Fwww.unknownproxy.com%2F&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734727254308&bpp=3&bdt=1420&idt=81&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=13943258699&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089326%2C31089329%2C31089337%2C95344788%2C95345967&oid=2&pvsid=3539374493709224&tmod=2017222399&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
139826
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:40:54 GMT
expires
Fri, 20 Dec 2024 20:40:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
1667813206267593936
age
70314
x-content-type-options
nosniff
expires
Fri, 03 Jan 2025 01:09:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Dec 2024 01:09:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60482
x-xss-protection
0
server
cafe
ca-pub-1206893953118841
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1206893953118841?href=https%3A%2F%2Fwww.unknownproxy.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
769565e0e8d5c7c0885b1d0e59a77446eaf6ca575b8735c53b5724a0077ec91b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1Dfv2kD8YWVDxQWvIYZ7kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc1xfM303m8CNN-dilTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAFIVRY0"
content-security-policy
script-src 'report-sample' 'nonce-1Dfv2kD8YWVDxQWvIYZ7kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CQdLS2JmxagLrERAE-pVqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfj-prpu9kEJrzbNp9RySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAD85Crh"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CQdLS2JmxagLrERAE-pVqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUBes_nAQz_Muosi3K0l1Kgje7PL64oR_f3xvD2UyAZHMIKyEQLrSLF_a6s8FPXzW-AMcPPH2Oc5gTUwSn1LShi5tVmwMtPZY03cZrx36QtVqQ3HYMMD_1MwVpSB2XGsjNTtlO_hg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUBes_nAQz_Muosi3K0l1Kgje7PL64oR_f3xvD2UyAZHMIKyEQLrSLF_a6s8FPXzW-AMcPPH2Oc5gTUwSn1LShi5tVmwMtPZY03cZrx36QtVqQ3HYMMD_1MwVpSB2XGsjNTtlO_hg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NzI3MjU1LDI5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudW5rbm93bnByb3h5LmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJqYSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb8139c1360ba7dbc2bad7f96081de589b052285e94a06f5b33dae568277a992
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rh3zFmbdoPXzhjjZYn4ggA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcFxfM303m8CMljlzGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDABv4kT4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rh3zFmbdoPXzhjjZYn4ggA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame D799 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:11:28 GMT
etag
17661348622971093804
expires
Fri, 03 Jan 2025 20:11:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 7409 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:11:28 GMT
etag
17661348622971093804
expires
Fri, 03 Jan 2025 20:11:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 9A7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:11:28 GMT
etag
17661348622971093804
expires
Fri, 03 Jan 2025 20:11:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 12F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:11:28 GMT
etag
17661348622971093804
expires
Fri, 03 Jan 2025 20:11:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXoaG2KygHsS6fIrRZo11NAm8V3HgWIy7dK5N0c21o_RqBZ39NkoJ7A_Ikiv8oi4jB_IKN0IktrjRK4_VYEtqxN87d3g1SZ5c0I0vAVwbxT5xUZfWKO_jUCXNPCk4zNlrdrTFRpEw==
fundingchoicesmessages.google.com/f/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXoaG2KygHsS6fIrRZo11NAm8V3HgWIy7dK5N0c21o_RqBZ39NkoJ7A_Ikiv8oi4jB_IKN0IktrjRK4_VYEtqxN87d3g1SZ5c0I0vAVwbxT5xUZfWKO_jUCXNPCk4zNlrdrTFRpEw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NzI3MjU1LDM1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImphIl0sImh0dHBzOi8vd3d3LnVua25vd25wcm94eS5jb20vIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiamEiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
b36def2ba5dae53eba38b814d48fe2584f772ad64a190d527ccf10ce838fb0bc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--_GmHxZrj3y1NKKPjXdnfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcFxfM303m8CGfd9OMSppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAlxRF0w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--_GmHxZrj3y1NKKPjXdnfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
__utm.gif
ssl.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1822209768&utmhn=www.unknownproxy.com&utmt=event&utme=14(4900*170*340*390*0*1150*3500*3500)(4903*172*347*397*4*1150*3504*3504)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=ja-jp&utmje=0&utmfl=-&utmdt=Unknown%20Proxy%3A%20Change%20your%20IP%20Address&utmhid=1179336655&utmr=-&utmp=%2F&utmht=1734727255707&utmac=UA-29423781-1&utmcc=__utma%3D259337678.957931400.1734727254.1734727254.1734727254.1%3B%2B__utmz%3D259337678.1734727254.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.200 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

age
59304
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 04:12:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a792d38482462beda83d9b25e5c07bc8066e3d311d6b999fbc72503fda874e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13050
date
Fri, 20 Dec 2024 20:40:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
www.serveuk7.com/themes/default/@img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.serveuk7.com/themes/default/@img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3597db2cb26cc8251b754b173c4cd21b2ebea7c5ec1ac244cdd7eff322c41a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"47e-5f975728dc303"
age
5520
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZySwk1mzd8gghI88mg9msBBwd8CzPupJP0WcYBeUcv1LEqU%2FdY5twtdvk2rrTqCrU8KvtMDp8P3eyKmJrnAaSPsBislh6A5BNJFIakY5FguXQf6Kph12gYA24C39MitJVOu"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2731&min_rtt=1879&rtt_var=944&sent=34&recv=26&lost=0&retrans=0&sent_bytes=21853&recv_bytes=7040&delivery_rate=3626&cwnd=12000&unsent_bytes=0&cid=ad53dcf1734b528c&ts=2607&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sun, 16 Apr 2023 15:08:31 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f527344389db00c-NRT
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 20:40:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:55 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 11CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:19:30 GMT
expires
Fri, 20 Dec 2024 21:09:30 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9KyXM8SYcqe-eh_QQUxXdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9KyXM8SYcqe-eh_QQUxXdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 20:40:55 GMT
expires
Fri, 20 Dec 2024 20:40:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
Ad_Index
fundingchoicesmessages.google.com/f/AGSKWxW8eOHV2pcxmirVYDyxnNvVK24N8xBsRPeg976ZeZjY8KV05268BtlKI27LtgspoDmKs6H2rORnyocj6EyVKZPu--yAdkLWn04MYdtdxHS2hMHXHoyHDt98Sl71V10vqeKo4LjuqRYIDeAZYjLbkut3XWrJF... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8eOHV2pcxmirVYDyxnNvVK24N8xBsRPeg976ZeZjY8KV05268BtlKI27LtgspoDmKs6H2rORnyocj6EyVKZPu--yAdkLWn04MYdtdxHS2hMHXHoyHDt98Sl71V10vqeKo4LjuqRYIDeAZYjLbkut3XWrJF86Ja77PRP2QP9BCer1wGWuvc20phgR3/_/Ad_Index?/adsrotate1right._openx._ad&zone=-publicidad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxO7McbT2w7wx8pBefBDh4kqdPHmA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
bc7491d1d600fc5f4c605cd11c8d65f860df68c14fe88d4b110775d41e62735f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q8GtAv_YRqUGW7Ol_c90sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxALcXPcWDN9N5vAhN5fKkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgB35knk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q8GtAv_YRqUGW7Ol_c90sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxO7McbT2w7wx8pBefBDh4kqdPHmA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
38d39bae5e336586103a52db0d0533eaa0352d5bfff110067e534d610908a47a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
17515058834211747903
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 20:40:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53401
x-xss-protection
0
server
cafe
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ruJGF2cQKfbLfRzL6GYG8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kEDnz_raLkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDI30DMziCwwA6mYq3g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ruJGF2cQKfbLfRzL6GYG8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WqShp-lN0ojwcANDSJ3EFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kEOg5Ps1ZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYAseMqHA"
content-security-policy
script-src 'report-sample' 'nonce-WqShp-lN0ojwcANDSJ3EFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTa7l74q6_9WHcWYzuPVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kEDix8GKTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDI30DMziCwwA0UAqjg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTa7l74q6_9WHcWYzuPVEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f8axF0IiilqH0pUtrMXNxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kENvR9D1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYA1TMqkw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f8axF0IiilqH0pUtrMXNxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUmS4WbgQ6ycTWBhbopHjh2R2J5Z9LjFhJwHs15cnO5Cmi9Mk1ZsYAZwAiap8lByXF_JwIOwxtE1XVWQCYUFSd6vItEZGTf_slKwy7Kr8d747pTsUoOS0WKeSAcotGkgSig_rabkg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUmS4WbgQ6ycTWBhbopHjh2R2J5Z9LjFhJwHs15cnO5Cmi9Mk1ZsYAZwAiap8lByXF_JwIOwxtE1XVWQCYUFSd6vItEZGTf_slKwy7Kr8d747pTsUoOS0WKeSAcotGkgSig_rabkg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NzI3MjU2LDE1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiamEiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudW5rbm93bnByb3h5LmNvbS8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJqYSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
1c87e63d2333e70b4ac65236036623baaf04666d3e992a307cf1c6368ad6dee6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8I6DuGHnMyTQk2CWi8CPww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc9xYM303m8CCxv9hShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRoZGegaG8QUGAD_YRRo"
content-security-policy
script-src 'report-sample' 'nonce-8I6DuGHnMyTQk2CWi8CPww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUXwCzXvbBUaoIqaHKgtq6VgoLHTdvhMpnmUrxLjNKV38H_LFyNnLkUHC4r_LPoxN8bt15R-h5k8n_I4Ihj9rLSBhj4Oq2fU9maeJDdLLMB4MSm-jfpmCFp4B1-QolNwzga9mId2w==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXwCzXvbBUaoIqaHKgtq6VgoLHTdvhMpnmUrxLjNKV38H_LFyNnLkUHC4r_LPoxN8bt15R-h5k8n_I4Ihj9rLSBhj4Oq2fU9maeJDdLLMB4MSm-jfpmCFp4B1-QolNwzga9mId2w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J48M9bw8QqyrJ-4BKhJZ6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kEOt5tKFZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYA2AcqoA"
content-security-policy
script-src 'report-sample' 'nonce-J48M9bw8QqyrJ-4BKhJZ6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDSeJHx4kDs2M-6w660XbLyOc4osy9FQjMt-r1X7tGmRYLj8pgDWTIrnJkjZC_Kxxqp13W44W93D4Z9oIVAt93kQdaTSZ0dPU2zW95cw45Gw23YsbWKVZLa6YGdhe7aKXlXIW_rA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMwpkD-MocQuYtuAKEPuNFyvF4aF7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-prhBfgDQYSlSTcqtREDvyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:40:56 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjxprpu9kEOj5cK1FyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYA4Icqwg"
content-security-policy
script-src 'report-sample' 'nonce-prhBfgDQYSlSTcqtREDvyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/js/300/addthis_widget.js
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=3539374493709224&bg=!mZqlmtXNAAbtGp3CzRo7ADQBe5WfOCJIQmnk2RqQznnQg73lwzvCQbK71MrEfHuzOszEzYFheR-HuV2WrZ1t1uYltWg1AgAAADZSAAAABWgBB34ANohZsGcK7xTYrOZke_yqLshKjxpan5ZBVT5bY65GM4W9c9c3xIvrqf00rwLlkQ19JdNGGrwJhwoAIYaBRAAbJz6VrENgordjOXcjnxOzR9suqLloWlIDAuy6ppkCmWv6lLWD8T75wBb05yJ3tn0fU0HGGYKOPAxpSYOZ04ZzS9DSLdLCpLnRz4Y9qN3xWxvrfiV15g8PbKn1QwGHxIawlPSWVEdyCipHIWkwOL683HTmrIISlTmMptjonMEZw0n4tqFs7bprXS4IlP31qFFpm-Hs3uPJ6HFR_6drCy6sVv4YCXMIDFG3DrUhnwWpJqocn4eejlQmNbuSOkatkkm7SxBWh6aKXd1cP42X3T60spo5V3J3LWgjG568uDHPMQigKEXJtOwl5Mv7ds2V3Vk_eALr4lw1TlCwkYLBdlRogEfToWL8kGnPLJWEuBEJgs_5iGY0EpkLdpVPRN67FjSi_33V_YCJR8HdZCO4VuCCltO1_rSQjq3avhJ1lMy9uiEwQEtab3DZdXurctY03mN92ipuRfCdXrFi4yvGa0bVkgka7BLQ_Co_npaq-xgLY5Xi3QlRMOGBK9K55aQK-yoBUGmWyD7HNSdlpAvczwPmd2RSbj9QpoLqBmimK_dH9aYxikXGrHDeCSsFkAD1SCoq5r_dQiN4a-Onx_RCt9MpR95C5ErrLVwHspmY2XRsAe67HjtLwvfvnZi152wYeeX277wb0xRaVG3I1sO2PURrMBlzM6npSb9s5pStX0UxTf_XLX1_6UnrvMpxtkW2picq-i0ZiDv6U6M5-wO9n3PTur-VuKqp7iX2-msd5KIXeBjDyRh77qSXHlE_WJ_5yHgrLoFDLuF2olo6H2jBQViRF0swdxYULbift5mVKgnBjDsHi-c7QDmZ8LLX4EPBPkJPyC8rMh9zHu0kTpjpUtmWqS-s5jFd5-YDXaz27JYCbTCyziJNmbO2HUPalwtzoqI0SgysJGjPXyzWzU1G0lQi_JlWGBD_AxLU

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| $ function| jQuery function| fixInputPlaceholders function| base64_decode object| _gaq object| adsbygoogle object| saved_servers object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| _gat object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjFlNTExMjhmMmNiMmY2OGxvYWRlcl9qcw== string| MjFlNTExMjhmMmNiMmY2OGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| 844c5bf6-29dd-445f-b325-fefe1ea46cad object| google_image_requests

14 Cookies

Domain/Path Name / Value
.unknownproxy.com/ Name: 4everproxy
Value: hi072m2phg01cc93rqaj76umlf
.unknownproxy.com/ Name: __utma
Value: 259337678.957931400.1734727254.1734727254.1734727254.1
.unknownproxy.com/ Name: __utmc
Value: 259337678
.unknownproxy.com/ Name: __utmz
Value: 259337678.1734727254.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.unknownproxy.com/ Name: __utmt
Value: 1
.unknownproxy.com/ Name: __gads
Value: ID=a6d2fad4da646804:T=1734727254:RT=1734727254:S=ALNI_MY2rsAmtUhhzAf0SJu1BleS4-KTYA
.unknownproxy.com/ Name: __gpi
Value: UID=00000fafbf357284:T=1734727254:RT=1734727254:S=ALNI_Map22DCJVYpizlgbUDDLD66eEjyUA
.unknownproxy.com/ Name: __eoi
Value: ID=ae186d62e2243a90:T=1734727254:RT=1734727254:S=AA-AfjaClcm90nCLC6IolFH_MOYm
.doubleclick.net/ Name: IDE
Value: AHWqTUmmwxET9nQOI8YNWpY2R6Tlw1A2_FBATOFcUVO-8Ya8PHAY36QRPPxpp-ZyCVI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.unknownproxy.com/ Name: __utmb
Value: 259337678.2.9.1734727255707
.unknownproxy.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-AxTP8XUsVG0UWFybJh-E-YhVexYsIsu6L03CWh6GC1MlnzdCz1QRdDg8Kk9gqUUnJ-dS5Ya-H5UtEDd9Nbn_zoAydbDtTeJL9B53PlvpLtFV76_MacZQubnilSN5kgnXueXsS5sp_sBbhAV6URv89frSmtw%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
network error URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-53db0d241065de9a
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ny.unknownproxy.com
pagead2.googlesyndication.com
s7.addthis.com
ssl.google-analytics.com
www.google.com
www.serveuk7.com
www.unknownproxy.com
ep1.adtrafficquality.google
s7.addthis.com
142.250.196.130
142.250.199.98
142.251.42.200
142.251.42.206
149.56.254.138
172.217.161.226
172.217.31.132
172.67.150.201
198.98.51.35
2404:6800:4004:801::200e
2404:6800:4004:818::2001
2404:6800:4004:821::2008
2a04:4e42:400::649
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c
1c87e63d2333e70b4ac65236036623baaf04666d3e992a307cf1c6368ad6dee6
1d123106b82a82245d70cb69e08586d4b2a1259ef095d390bcbb10ad1c186351
3074b84f0ce98d30742403765cc4e46dea2cf376f86bbf4d96defe99bb862bea
3597db2cb26cc8251b754b173c4cd21b2ebea7c5ec1ac244cdd7eff322c41a85
38d39bae5e336586103a52db0d0533eaa0352d5bfff110067e534d610908a47a
63aa67a35f607dcc47fef68f279a36f2bdcfa0ca1d5cfabe2e3b46333fde5667
769565e0e8d5c7c0885b1d0e59a77446eaf6ca575b8735c53b5724a0077ec91b
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
a792d38482462beda83d9b25e5c07bc8066e3d311d6b999fbc72503fda874e1c
ad2061e496ce5ff9ddfbbff55b110bbee2531b9c1fc9c04bfe9c3d80b80f9927
b36def2ba5dae53eba38b814d48fe2584f772ad64a190d527ccf10ce838fb0bc
b933fba66b3db3bc0383063de816105a51044313b4a8b44690bb03e1e5e4a47d
bc7491d1d600fc5f4c605cd11c8d65f860df68c14fe88d4b110775d41e62735f
cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d
fb8139c1360ba7dbc2bad7f96081de589b052285e94a06f5b33dae568277a992
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99