urlscan.io logo urlscan.io
SecurityTrails logo

obs.sifanoro.com Open in urlscan Pro
109.70.148.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.obs.sifanoro.com/
Effective URL: https://obs.sifanoro.com/
Submission: On February 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 10 domains to perform 112 HTTP transactions. The main IP is 109.70.148.62, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is obs.sifanoro.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 25th 2024. Valid for: 3 months.
This is the only time obs.sifanoro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    109.70.148.62 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: greyhound.hostns.io
www.obs.sifanoro.com
obs.sifanoro.com
3    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
20    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
14    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
17    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
www.googleadservices.com
5    2607:f8b0:4007:810::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
789 KB
24 sifanoro.com
www.obs.sifanoro.com
obs.sifanoro.com
1 MB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
166 KB
15 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665
www.google.com — Cisco Umbrella Rank: 2
71 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
106 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 136
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
3 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2781
pixel.wp.com — Cisco Umbrella Rank: 2761
3 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
245 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
93 KB
112 10
Domain Requested by
23 obs.sifanoro.com obs.sifanoro.com
20 pagead2.googlesyndication.com obs.sifanoro.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 www.googleadservices.com
5 csi.gstatic.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 www.google.com 3 redirects tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 securepubads.g.doubleclick.net googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com obs.sifanoro.com
googleads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 pixel.wp.com obs.sifanoro.com
1 stats.wp.com obs.sifanoro.com
1 www.googletagmanager.com obs.sifanoro.com
1 www.obs.sifanoro.com 1 redirects
112 17

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.candidthemes.com
Subject Issuer Validity Valid
obs.sifanoro.com
cPanel, Inc. Certification Authority		 2024-02-25 -
2024-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://obs.sifanoro.com/
Frame ID: 868790AC87C7652A2B85D472D15C5251
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: F1E548D6DAD47B20ADB7F7012E105654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9466362027422135&output=html&adk=1812271804&adf=3025194257&lmt=1708951552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fobs.sifanoro.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708951552312&bpp=4&bdt=880&idt=467&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1428417189737&rume=1&frm=20&pv=2&ga_vid=2127811384.1708951552&ga_sid=1708951553&ga_hid=1481752192&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95325257%2C31081152%2C42532523%2C44809004%2C95325066%2C95325752%2C31081354%2C95323761%2C95324154%2C95324161%2C95325791%2C31061691%2C31061692&oid=2&pvsid=499737103705669&tmod=762207536&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=502
Frame ID: 1A7B9147511DF16766B6C4D311C72698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 3053AD9906B03E6186EA2FCA9A2E6424
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 7562F596B8FD290D617F94CF7415E743
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 1DF259C0D00E022B4D3F6379BECCB461
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F54C30FEA3A8E2E406892D38C2E61883
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F44F895467F1F48E42BA0996E299F83
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4526D1EE71769443489961272E51ECBB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: C570FE35823050A5B9C1549350B3FDA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: 37894460D55163C8B80C16428A31BAA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: 39F606E5B760BF74866B32508062486F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A4B48418A75A38690A19F3C541967EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3688FBC5AB266E9C4FF0FC008AFA7031
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Obs Tach

Page URL History Show full URLs

  1. https://www.obs.sifanoro.com/ HTTP 301
    https://obs.sifanoro.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

112
Requests

96 %
HTTPS

80 %
IPv6

10
Domains

17
Subdomains

16
IPs

2
Countries

2751 kB
Transfer

5410 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.obs.sifanoro.com/ HTTP 301
    https://obs.sifanoro.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 72
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cv0RJAIjcZabGN-Py998PuduPiAi56PqGds2wufSkEsnEy8O0CRABIPCkyJIBYMmGgIDco8QQoAHukdPNA8gBAqgDAcgDyQSqBIkCT9BwuYxM53IqfmVzaWLts-K6cg11sGFkbKUGXkZewCaYQL8sp2fBHYcEST8LfEbDleeZy9B8Z2VwHKvGG2VbLZfhpoH7LNZu7Wo9AiAfLKUTn4KWkOkImFtfOEkELD2s1LJnGmxJbE3K0Jw89ElSNeIFBc5wjIQfqiZXDczMNI80RNgZUEWlaOQf4b_DHFCB8vrcf92t-P7_Zyt6r9cuz10vkhZYFvhNUQVOCfz19qXcR92HIygl8W-mSwAg-E8gr2TL1UukKAmCDcCG0vpVu7TUTTM8chYfNX6YVTryh7zjT7X5WswsGs6jyqfvVWI3L6_KbmaCKXkRlA0w-cn-FJr_UsJ6ivbjgMAE-a28kskEiAWOqJixTpIFBAgEGAGSBQQIBRgEoAYCgAfP3eHYAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcFEMjbwAnSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYybL90YTJhAOaCWhodHRwOi8vdXMuc2hlaW4uY29tL2NhbXBhaWducy9zczI0P3VybF9mcm9tPXVzYWRnZzAxeHhuX1NTMjAyNFNwcmluZ2ludG9TSEVJTl8yMDI0MDIyNl8wNi0xNjBfNjAwX0JSeEFEU4AKAcgLAdoMEAoKEMDX9azNvszJSxICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItOTQ2NjM2MjAyNzQyMjEzNRgA&sigh=ci2Wn9DFz1E&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%228875523365833095453%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217232240864122985489%22}&andc=true
Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Co3adAIjcZafGN-Py998PuduPiAi56PqGds2wufSkEsnEy8O0CRABIPCkyJIBYMmGgIDco8QQoAHukdPNA8gBAqgDAcgDyQSqBIkCT9ACR1yaAnQpAmJuvHC8IDsVss0ir-2HYdVB6ATFhZsAJBzAp30yFLNRE7_lZj0FszOqfVlJOGB9mVH5CAditBMsCYqsnEqV65hAyBxyJFBi8YBG5S6Sg6U0gBZG199vCHFNcBUmmKy7f9G6ygR7lZQCm9O_cAl7lC9s9XPzKS1G8TzPf5ECJ4khv9A-cHYNnyL02n2Al-KKEB279Jm_e6-ETpqJ6iCqPrhTZcpIP8xie5GWey71gCRDQ80iLy0olvzdEZtVaTo6_Jml0daQKRezEYgJn94cjnwJo1si275Nl9ct2WG4Ul5Dw9HIZ6N4uJqWW2z3cN7w4g3FkyhFrrhuoK9vmFoVs8AE-a28kskEiAWOqJixTpIFBAgEGAGSBQQIBRgEoAYCgAfP3eHYAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcFEIKNlAnSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYybL90YTJhAOaCWhodHRwOi8vdXMuc2hlaW4uY29tL2NhbXBhaWducy9zczI0P3VybF9mcm9tPXVzYWRnZzAxeHhuX1NTMjAyNFNwcmluZ2ludG9TSEVJTl8yMDI0MDIyNl8wNi0xNjBfNjAwX0JSeEFEU4AKAcgLAdoMEQoLEODbj6ClnLiCpQESAgED2BMC0BUBgBcBshccChoIABIUcHViLTk0NjYzNjIwMjc0MjIxMzUYAA&sigh=wOYZgTrWyv0&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%225662155960870775887%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22566616504667715249%22}&andc=true
Request Chain 82
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ClIO_AIjcZaTGN-Py998PuduPiAig_NPmdOju3N-5EsCNtwEQASDwpMiSAWDJhoCA3KPEEKAB3cP4zyrIAQGoAwHIA8MEqgSWAk_Qt7xyBHj7fnH-1n2bAkR-wbpf8XpGeLit65-pgd9DqSzPXdlcK9AidP4M9a5YxV0MB2_STTEU-OZD4pgAWe1GZGbERkqmDE5XYMYSk_MwUUvmRQ_HGXyrp9nFFEH7Wm-FPbCa8-y_ctzFNrXkbQauiS-WJUTmwiWSTyKeUA1Dt_a95VhYSm9KVn3jakeVD6P6V9JhShNX-gUBrib1C8WYgRiNDp1-PhwCzhiFPllsxZl9-APKRy13-XKAspk6tLyl2rxZcIzRncW_It58bgrT87Sn-CeuwwQoBd0ciC4ZHeAagzHGculVfuDnZacCkNyUcQAg70VDmqbly8mwuY-WmTSh1_XoDwEjEh1uhmTm_VMaOXauwASi1-2YtgSIBcuUx9lNkgUECAQYAZIFBAgFGASgBmaAB937yK8FqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwUQ8-C1BdIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljJsv3RhMmEA5oJHmh0dHBzOi8vd3d3LmV4dHJhdmFsdWVodWIuY29tL4AKAcgLAdoMEQoLENDo_uDX6bynogESAgED2BMN0BUBgBcBshccChoIABIUcHViLTk0NjYzNjIwMjc0MjIxMzUYAA&sigh=bquw_len2_Q&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2db94839a6b8a8ed0000000000000000%22,%222%22:%220xc75cb0e46a9919170000000000000000%22,%223%22:%220xa80a989a228ed24d0000000000000000%22,%224%22:%220x5d440c40cec95b520000000000000000%22,%225%22:%220x63190d13ee3c09ad0000000000000000%22},%22debug_key%22:%2212427735425608494999%22,%22debug_reporting%22:true,%22destination%22:%22https://extravaluehub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211441938909%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214862601763218686161%22}&andc=true

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
obs.sifanoro.com/
Redirect Chain
  • https://www.obs.sifanoro.com/
  • https://obs.sifanoro.com/
120 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed / PHP/7.4.33
Resource Hash
9af90d9f514d31ef12228ec674749d78afa9a0c503cdb8131740b7c79e93123f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
36548
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:45:51 GMT
etag
"62683-1708914938;br"
link
<https://obs.sifanoro.com/index.php?rest_route=/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:45:50 GMT
location
https://obs.sifanoro.com/
server
LiteSpeed
x-litespeed-cache
miss
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
style.min.css
obs.sifanoro.com/wp-includes/css/dist/block-library/ 		108 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 19:02:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13600
expires
Mon, 04 Mar 2024 12:45:51 GMT
mediaelementplayer-legacy.min.css
obs.sifanoro.com/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2394
expires
Mon, 04 Mar 2024 12:45:51 GMT
wp-mediaelement.min.css
obs.sifanoro.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
982
expires
Mon, 04 Mar 2024 12:45:51 GMT
css
fonts.googleapis.com/ 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.3
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afe98f8b8845ca7a1b92397e5a310c0a88b8c1bd2f55c58a813bdd9792114085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 12:40:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 12:45:51 GMT
css
fonts.googleapis.com/ 		4 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc3f0979e101efe27fcee670fe0fa77355e102e5f42680028ecd56d32b3089f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:53:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 12:45:51 GMT
font-awesome.min.css
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6662
expires
Mon, 04 Mar 2024 12:45:51 GMT
slick.css
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		2 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
493
expires
Mon, 04 Mar 2024 12:45:51 GMT
slick-theme.css
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		3 KB
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
773
expires
Mon, 04 Mar 2024 12:45:51 GMT
style.css
obs.sifanoro.com/wp-content/themes/fairy/ 		103 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/style.css?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16957
expires
Mon, 04 Mar 2024 12:45:51 GMT
jquery.min.js
obs.sifanoro.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Mon, 04 Mar 2024 12:45:51 GMT
jquery-migrate.min.js
obs.sifanoro.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Mon, 04 Mar 2024 12:45:51 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-KDTMCHVF
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c30d0263601a0cf7396177045116f190f87f649664752091fe47b5be67f3b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94930
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Feb 2024 12:45:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ed0de3ecfed83b47fc54d08967af8e2ff8015def35332b44f0fda492d8177af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Origin
https://obs.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51156
x-xss-protection
0
server
cafe
etag
7005589312563050339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 26 Feb 2024 12:45:52 GMT
1708872221102.jpg
obs.sifanoro.com/wp-content/uploads/2024/02/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.sifanoro.com/wp-content/uploads/2024/02/1708872221102.jpg
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
fa5e64359ede4a51586bdc860d74dc298295e21a28bfbc4660a0954a8baae3b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
last-modified
Sun, 25 Feb 2024 14:42:11 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
158514
expires
Mon, 04 Mar 2024 12:45:51 GMT
1708725060558.jpg
obs.sifanoro.com/wp-content/uploads/2024/02/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.sifanoro.com/wp-content/uploads/2024/02/1708725060558.jpg
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
f314641b7d6245c3f74b2d1db3b1d22028125c4d96208bbab26b0032c8ecbfd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
last-modified
Sun, 25 Feb 2024 10:52:01 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
182808
expires
Mon, 04 Mar 2024 12:45:51 GMT
1708718341566.jpg
obs.sifanoro.com/wp-content/uploads/2024/02/ 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.sifanoro.com/wp-content/uploads/2024/02/1708718341566.jpg
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
d806c916378897bc3f1c2f9d77e62e55b763b068a6af4899267301a14af8e9ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
last-modified
Sun, 25 Feb 2024 10:46:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
232403
expires
Mon, 04 Mar 2024 12:45:51 GMT
navigation.js
obs.sifanoro.com/wp-content/themes/fairy/js/ 		3 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/js/navigation.js?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
988
expires
Mon, 04 Mar 2024 12:45:51 GMT
theia-sticky-sidebar.js
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3411
expires
Mon, 04 Mar 2024 12:45:51 GMT
slick.js
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		90 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14940
expires
Mon, 04 Mar 2024 12:45:51 GMT
imagesloaded.min.js
obs.sifanoro.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
content-encoding
br
last-modified
Fri, 11 Aug 2023 18:18:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1687
expires
Mon, 04 Mar 2024 12:45:51 GMT
masonry.min.js
obs.sifanoro.com/wp-includes/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7117
expires
Mon, 04 Mar 2024 12:45:52 GMT
custom.js
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1543
expires
Mon, 04 Mar 2024 12:45:52 GMT
e-202409.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202409.js
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT mia
date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356353.6772
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 24 Feb 2025 15:02:37 GMT
97cead7c-d8a0-4208-a16a-8e4d25a744a9
https://obs.sifanoro.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://obs.sifanoro.com/97cead7c-d8a0-4208-a16a-8e4d25a744a9
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://obs.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:49:28 GMT
x-content-type-options
nosniff
age
363384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:49:28 GMT
fontawesome-webfont.woff2
obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://obs.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Origin
https://obs.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:51 GMT
last-modified
Sun, 25 Feb 2024 08:24:42 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77160
expires
Mon, 04 Mar 2024 12:45:51 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://obs.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:33:56 GMT
x-content-type-options
nosniff
age
364316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:33:56 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://obs.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:32:03 GMT
x-content-type-options
nosniff
age
364429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:32:03 GMT
1708748685867.jpg
obs.sifanoro.com/wp-content/uploads/2024/02/ 		376 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.sifanoro.com/wp-content/uploads/2024/02/1708748685867.jpg
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
7c56eb6ef3bddbe3acf71c0c4fa78b60a76d120e2781d6eb15f5e87e730026b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
last-modified
Sun, 25 Feb 2024 10:42:48 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
384759
expires
Mon, 04 Mar 2024 12:45:52 GMT
1708786126753.jpg
obs.sifanoro.com/wp-content/uploads/2024/02/ 		364 KB
364 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.sifanoro.com/wp-content/uploads/2024/02/1708786126753.jpg
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
6bffa86c8c25cc97b9683a3c146f72b5dfe66bdbf26bba4bbcbe1afc13d696fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
last-modified
Sun, 25 Feb 2024 10:37:37 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
372878
expires
Mon, 04 Mar 2024 12:45:52 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=229864938&post=0&tz=0&srv=obs.sifanoro.com&j=1%3A13.1.3&host=obs.sifanoro.com&ref=&fcp=2343&rand=0.3312047351400791
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Feb 2024 12:45:52 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
obs.sifanoro.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.sifanoro.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: obs.sifanoro.com
URL: https://obs.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Mon, 04 Mar 2024 12:45:52 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40902fb21405ff0febc01c128a6f991595e54dd83350e5f1d7333e981ad134b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141428
x-xss-protection
0
server
cafe
etag
15911458997912740848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:45:52 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame F1E5 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
65840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Feb 2024 18:28:32 GMT
etag
16527497774665505917
expires
Sun, 10 Mar 2024 18:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7C0ENHQWL0&gtm=45Pe42l0v9178503654za200&_p=1708951551875&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=2127811384.1708951552&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708951552&sct=1&seg=0&dl=https%3A%2F%2Fobs.sifanoro.com%2F&dt=Obs%20Tach&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2782
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KDTMCHVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://obs.sifanoro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9e9c95b9f2f6084f9b309c52612c3ec6de3c02cc126393f87a7024f7db3660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
20519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21889
x-xss-protection
0
server
cafe
etag
10910332848271280946
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 07:03:53 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A7B 		429 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9466362027422135&output=html&adk=1812271804&adf=3025194257&lmt=1708951552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fobs.sifanoro.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708951552312&bpp=4&bdt=880&idt=467&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1428417189737&rume=1&frm=20&pv=2&ga_vid=2127811384.1708951552&ga_sid=1708951553&ga_hid=1481752192&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95325257%2C31081152%2C42532523%2C44809004%2C95325066%2C95325752%2C31081354%2C95323761%2C95324154%2C95324161%2C95325791%2C31061691%2C31061692&oid=2&pvsid=499737103705669&tmod=762207536&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=502
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea030aaeecd32599c9021739d68b36832d398783af4f7b86888ec6547bc76d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
78180
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:53 GMT
expires
Mon, 26 Feb 2024 12:45:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/reactive_library_fy2021.js?bust=31081354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
359c497df47b42f37abc9c8edec3aabb9ff8dfa398dbb5031e77ebe219ddc081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57324
x-xss-protection
0
server
cafe
etag
1240381672546934508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:45:53 GMT
ca-pub-9466362027422135
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9466362027422135?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
870ba16a514ed4c9afed07e855b67f7aa4f097a7497ce7b920bd6e31ed3c0349
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4HS2MtrcTdvW4kmJOSSLlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-4HS2MtrcTdvW4kmJOSSLlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mHU4pJi8NSQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6Oxgmf1rEJHJj16w8TAHofQHE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/slotcar_library_fy2021.js?bust=31081354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a6a92a60507dd5854e3f53f33bcb8bb56ac2941f2130eb876e4f4bb8d68d61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32122
x-xss-protection
0
server
cafe
etag
17723072834762378799
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:45:53 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 3053 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 01:45:13 GMT
etag
16527497774665505917
expires
Mon, 11 Mar 2024 01:45:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 7562 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 01:45:13 GMT
etag
16527497774665505917
expires
Mon, 11 Mar 2024 01:45:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 1DF2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 01:45:13 GMT
etag
16527497774665505917
expires
Mon, 11 Mar 2024 01:45:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXuuWKSVKozUzY9QIKr0uJ5ApAaGQstClCWpSTs0MiZkJXXS-BxeOzWBTnQ3l_C8VlwtopnpR5nUsavDxhbUFPbmL5611240TAeOaT3KXTGxOeNcx4tPq5pKlmWwBV9dyFXx7N9Lg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXuuWKSVKozUzY9QIKr0uJ5ApAaGQstClCWpSTs0MiZkJXXS-BxeOzWBTnQ3l_C8VlwtopnpR5nUsavDxhbUFPbmL5611240TAeOaT3KXTGxOeNcx4tPq5pKlmWwBV9dyFXx7N9Lg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTUxNTU0LDM3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL29icy5zaWZhbm9yby5jb20vIixudWxsLFtbOCwiNlRHTElUSGZXNmMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5dbdf8fe5b16959592ea527eeae9d0a7d34a1090d3967e2e4bc1ed60b45014d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM6HIGYlHhz3Jm4_sd_XPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM6HIGYlHhz3Jm4_sd_XPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NaQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIW6Opgmf1rEJ7Hh9XRcAOpQ_yA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
5d115d22c534f80a76417856e32eef9c.js
www.gstatic.com/mysidia/ Frame 3053 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 00:22:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 21 May 2024 03:56:12 GMT
39b1936085524998ebfc7677a2ba517e.js
www.gstatic.com/mysidia/ Frame 3053 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
364305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4466
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 19:27:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 May 2024 07:34:09 GMT
css
fonts.googleapis.com/ Frame 3053 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 12:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 12:39:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 12:45:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3053 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3053 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 07:31:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3053 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3053 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3053 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:34:47 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 3053 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 19:17:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 May 2024 07:52:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 7562 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 07:31:35 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F54C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 11:55:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7562 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7562 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
9545598397759538194
tpc.googlesyndication.com/daca_images/simgad/ Frame 7562 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9545598397759538194
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c8020d104b096891305f8cf3e21a5e97775d5b19d47c2d14ad952875382f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Tue, 25 Feb 2025 06:05:52 GMT
date
Mon, 26 Feb 2024 06:05:52 GMT
x-content-type-options
nosniff
age
24002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52272
x-xss-protection
0
last-modified
Wed, 21 Feb 2024 12:04:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7562 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:34:47 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7562 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
49491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14601
x-xss-protection
0
server
cafe
etag
13220165445093104717
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:03 GMT
9545598397759538194
tpc.googlesyndication.com/daca_images/simgad/ Frame 1DF2 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9545598397759538194
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c8020d104b096891305f8cf3e21a5e97775d5b19d47c2d14ad952875382f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Tue, 25 Feb 2025 06:05:52 GMT
date
Mon, 26 Feb 2024 06:05:52 GMT
x-content-type-options
nosniff
age
24002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52272
x-xss-protection
0
last-modified
Wed, 21 Feb 2024 12:04:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 1DF2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 07:31:35 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5F44 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 11:55:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DF2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DF2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
55659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 21:18:15 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1DF2 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:34:47 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DF2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
49491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14601
x-xss-protection
0
server
cafe
etag
13220165445093104717
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F54C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
expires
Mon, 26 Feb 2024 12:45:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5F44
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
expires
Mon, 26 Feb 2024 12:45:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4526 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 11:55:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3053 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8eb324b579a44526d14b1869d5731b2cea513b97d423f70d0ec9839da8e642f6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4526
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
expires
Mon, 26 Feb 2024 12:45:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3053 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:33:52 GMT
x-content-type-options
nosniff
age
364322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:33:52 GMT
truncated
/ Frame 7562 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6484b2fac3919fff12364243a1cd28c743022728eadb0b5095ae56a1fb43fc92

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1DF2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55d8d63c7105bdf81697c409c16daa6ba4022f0c4f6ed7c8e997db119ff76290

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 7562 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2204
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24293
x-xss-protection
0
server
cafe
etag
13238648472899439582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:09:10 GMT
JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
pagead2.googlesyndication.com/bg/ Frame C570 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
363193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19629
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 07:52:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7562
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cv0RJAIjcZabGN-Py998PuduPiAi56PqGds2wufSkEsnEy8O0CRABIPCkyJIBYMmGgIDco8QQoAHukdPNA8gBAqgDAcgDyQSqBIkCT9BwuYxM53IqfmVzaWLts-K6cg11sGFkbKUGXkZewCa...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%228875523365833095453%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217232240864122985489%22}&andc=true
Protocol
H3
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x71f8733a47454f180000000000000000","2":"0x93f369a6b01cb7650000000000000000","3":"0x465b3e77cfabcf770000000000000000","4":"0x15598312cfbc89b90000000000000000","5":"0x634362eba07ee740000000000000000"},"debug_key":"8875523365833095453","debug_reporting":true,"destination":"https://shein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968149230"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"17232240864122985489"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 26 Feb 2024 12:45:55 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 26 Feb 2024 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x71f8733a47454f180000000000000000","2":"0x93f369a6b01cb7650000000000000000","3":"0x465b3e77cfabcf770000000000000000","4":"0x15598312cfbc89b90000000000000000","5":"0x634362eba07ee740000000000000000"},"debug_key":"8875523365833095453","debug_reporting":true,"destination":"https://shein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968149230"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"17232240864122985489"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 1DF2 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2204
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24293
x-xss-protection
0
server
cafe
etag
13238648472899439582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:09:10 GMT
JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
pagead2.googlesyndication.com/bg/ Frame 3789 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
363193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19629
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 07:52:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1DF2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Co3adAIjcZafGN-Py998PuduPiAi56PqGds2wufSkEsnEy8O0CRABIPCkyJIBYMmGgIDco8QQoAHukdPNA8gBAqgDAcgDyQSqBIkCT9ACR1yaAnQpAmJuvHC8IDsVss0ir-2HYdVB6ATFhZs...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%225662155960870775887%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22566616504667715249%22}&andc=true
Protocol
H3
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x71f8733a47454f180000000000000000","2":"0x93f369a6b01cb7650000000000000000","3":"0x465b3e77cfabcf770000000000000000","4":"0x15598312cfbc89b90000000000000000","5":"0x634362eba07ee740000000000000000"},"debug_key":"5662155960870775887","debug_reporting":true,"destination":"https://shein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968149230"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"566616504667715249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 26 Feb 2024 12:45:55 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 26 Feb 2024 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x71f8733a47454f180000000000000000","2":"0x93f369a6b01cb7650000000000000000","3":"0x465b3e77cfabcf770000000000000000","4":"0x15598312cfbc89b90000000000000000","5":"0x634362eba07ee740000000000000000"},"debug_key":"5662155960870775887","debug_reporting":true,"destination":"https://shein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968149230"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"566616504667715249"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 3053
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ClIO_AIjcZaTGN-Py998PuduPiAig_NPmdOju3N-5EsCNtwEQASDwpMiSAWDJhoCA3KPEEKAB3cP4zyrIAQGoAwHIA8MEqgSWAk_Qt7xyBHj7fnH-1n2bAkR-wbpf8XpGeLit65-pgd9DqSz...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2db94839a6b8a8ed0000000000000000%22,%222%22:%220xc75cb0e46a9919170000000000000000%22,%223%22:%220xa80a98...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2db94839a6b8a8ed0000000000000000%22,%222%22:%220xc75cb0e46a9919170000000000000000%22,%223%22:%220xa80a989a228ed24d0000000000000000%22,%224%22:%220x5d440c40cec95b520000000000000000%22,%225%22:%220x63190d13ee3c09ad0000000000000000%22},%22debug_key%22:%2212427735425608494999%22,%22debug_reporting%22:true,%22destination%22:%22https://extravaluehub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211441938909%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214862601763218686161%22}&andc=true
Protocol
H3
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2db94839a6b8a8ed0000000000000000","2":"0xc75cb0e46a9919170000000000000000","3":"0xa80a989a228ed24d0000000000000000","4":"0x5d440c40cec95b520000000000000000","5":"0x63190d13ee3c09ad0000000000000000"},"debug_key":"12427735425608494999","debug_reporting":true,"destination":"https://extravaluehub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11441938909"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"14862601763218686161"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 26 Feb 2024 12:45:55 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 26 Feb 2024 12:45:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2db94839a6b8a8ed0000000000000000","2":"0xc75cb0e46a9919170000000000000000","3":"0xa80a989a228ed24d0000000000000000","4":"0x5d440c40cec95b520000000000000000","5":"0x63190d13ee3c09ad0000000000000000"},"debug_key":"12427735425608494999","debug_reporting":true,"destination":"https://extravaluehub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11441938909"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"14862601763218686161"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c6f04a6a13d0d7ca4af854703ec15df051a50a81fdda7661b08f2e05f87044a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12437
x-xss-protection
0
JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
pagead2.googlesyndication.com/bg/ Frame 39F6 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
363193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19629
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 07:52:41 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 3053 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2204
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24293
x-xss-protection
0
server
cafe
etag
13238648472899439582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:09:10 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%228875523365833095453%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217232240864122985489%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:45:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x71f8733a47454f180000000000000000%22,%222%22:%220x93f369a6b01cb7650000000000000000%22,%223%22:%220x465b3e77cfabcf770000000000000000%22,%224%22:%220x15598312cfbc89b90000000000000000%22,%225%22:%220x634362eba07ee740000000000000000%22},%22debug_key%22:%225662155960870775887%22,%22debug_reporting%22:true,%22destination%22:%22https://shein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968149230%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22566616504667715249%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:45:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
_.ad.page..php
fundingchoicesmessages.google.com/f/AGSKWxUC-QjDiSb870oKcfRK1pldiJ39-BClnVpn9bnSQLR1TBMMcrS4i37DmnIkzMKV4F29JZ-e9yXWFu7e5tlqeqyEnkm8VoGND96DlT9ND0AK1yEPLn4NB9z0--LWx3AM6sf-VLYjpvL9SGE8wIeClyx5uJFER... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUC-QjDiSb870oKcfRK1pldiJ39-BClnVpn9bnSQLR1TBMMcrS4i37DmnIkzMKV4F29JZ-e9yXWFu7e5tlqeqyEnkm8VoGND96DlT9ND0AK1yEPLn4NB9z0--LWx3AM6sf-VLYjpvL9SGE8wIeClyx5uJFER9jtU5MkHjy-w0fq-kZ1soj44RM8ZYez/_.ad.page..php?clicktag=/footer_ad_?type=ad&/inline_ad_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzmtY4U3bNV8m5BcBjBYzvPxYy6IA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fed26119f8fc7964dbaaff3bdee97b8629b4e22528129626039d8c7f352a1c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gsSfi1UbGXCw3mG2sCl0Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-gsSfi1UbGXCw3mG2sCl0Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NOQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6Opgmf1rEJTNj79SAzAHwwQCs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzmtY4U3bNV8m5BcBjBYzvPxYy6IA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:25:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
1208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24293
x-xss-protection
0
server
cafe
etag
13238648472899439582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 13:25:46 GMT
AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i4zGFEY_ikijh47uyUDW8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i4zGFEY_ikijh47uyUDW8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm8COqZe1AC9yFNE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://obs.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js?bust=31081354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 12:45:55 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2db94839a6b8a8ed0000000000000000%22,%222%22:%220xc75cb0e46a9919170000000000000000%22,%223%22:%220xa80a989a228ed24d0000000000000000%22,%224%22:%220x5d440c40cec95b520000000000000000%22,%225%22:%220x63190d13ee3c09ad0000000000000000%22},%22debug_key%22:%2212427735425608494999%22,%22debug_reporting%22:true,%22destination%22:%22https://extravaluehub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211441938909%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214862601763218686161%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:45:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SFcxDCNAw1ymlZpvoh1A-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-SFcxDCNAw1ymlZpvoh1A-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm0DH_XVKAC8-FL4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://obs.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7562 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lt2xmr40&chm=1&ctx=2&gqid=AIjcZcGANaqLoPMPlpyQSA&qqid=CKbG_9GEyYQDFWP5_QUdue0DgQ&met.4=fb.2o~lb.ab~ol.ii~bdt.-1zz~bpp.-1bf~idt.-yk~dtd.-xl~dt.-1bj&met.3=492.2t_1~200.2n_c~555.dk~556.dk_2~494.j9_1~113.rf_4~112.rd_5&met.1=1.lt2xmqcn~6.6~7.6~8.6~9.6~10.6~12.a~13.24~14.29~15.29~16.bn~17.bn~18.bn~19.i8~20.i8~21.ih&met.7=CCgQCBgBKAcwUTiaBWgKcE14liOAAeogiAHxR7ABAbgBAw~CAkQChgBIGcoZzDuAjiHAmjiAXDjAnjISIABnEaIAfS0AbABAbgBAw~CCgQBRgBIGkoaTCuAThEaG1wrQF4vQOAAZEBiAGPAbABAbgBAw~CB4QChgBIGooajDjAjj6AWjiAXDjAniADIAB1AmIAYEVsAEBuAED~CBwQChgBIGooajC1AjjLAWjiAXCqAni_QoABk0CIAYWdAbABAbgBAw~CBcQBhgBIGsoazC0AzjJAmjiAXD7AnjcmgOAAbCYA4gBsJgDsAEBuAED~CBwQChgBIGsoazDGAThbaGxwqwF42-0DgAGv6wOIAY7jDLABAbgBAw~CBwQChgBIGsoazDkAzj4AmjiAXDdA3i1dIABiXKIAY2dArABAbgBAw~CCgQChgBIK0FKK0FMLEHOIQCUK4FWLQGYOwFaLQGcPIGeJHAAYAB5b0BiAHR_gOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:810::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9aedyKmj1TTyWHRZFvMPMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9aedyKmj1TTyWHRZFvMPMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm8CNtwe0AC7CFSw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://obs.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QfQ8vmyeP9T87oXMe-uTow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-QfQ8vmyeP9T87oXMe-uTow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm8CFB38UAS3hFUU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://obs.sifanoro.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXrH-opalB9uAA5XAduc88PS72NhLJ8Kn3lDrq1IgfxAD4azi8Nim2xblvvnCnBXpdlAKPDyXtJv4dzzNIFges0WfSr_QxhsaG3MRdMILXFJe5CR7jBVPLxcEPrbj9C1Pa4SMu1ew==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXrH-opalB9uAA5XAduc88PS72NhLJ8Kn3lDrq1IgfxAD4azi8Nim2xblvvnCnBXpdlAKPDyXtJv4dzzNIFges0WfSr_QxhsaG3MRdMILXFJe5CR7jBVPLxcEPrbj9C1Pa4SMu1ew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTUxNTU1LDIyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vYnMuc2lmYW5vcm8uY29tLyIsbnVsbCxbWzgsIjZUR0xJVEhmVzZjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
440f9fc37e266bce67321b9af6cf511b805312051b820928ef239cf94c5f72b6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zhHPtDuycMYTm-GuLNTvlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zhHPtDuycMYTm-GuLNTvlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NWQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIW6O5gmf1rEJNPx7ogIAOzI_qg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lt2xmr48&ctx=0&met.3=113.46e~112.46d_2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:810::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1DF2 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lt2xmr4g&chm=1&ctx=2&gqid=AIjcZcGANaqLoPMPlpyQSA&qqid=CKfG_9GEyYQDFWP5_QUdue0DgQ&met.4=fb.2z~lb.bg~ol.in~bdt.-209~bpp.-1bp~idt.-yu~dtd.-xv~dt.-1bt&met.3=492.34_1~200.2r_i~555.dj~556.dj~494.j5_1~113.rj_1~112.ri_2&met.1=1.lt2xmqcx~6.2~7.2~8.2~9.2~10.2~12.3~13.1z~14.22~15.26~16.cw~17.cw~18.cx~19.id~20.id~21.in&met.7=CCgQCBgBKAIwSjifBWgDcEd4liOAAeogiAHxR7ABAbgBAw~CBcQBhgBIHEocTDSAzjhAmjXAXCpA3jcmgOAAbCYA4gBsJgDsAEBuAED~CAkQChgBIHIocjDxAjj_AWjXAXDmAnjISIABnEaIAfS0AbABAbgBAw~CCgQBRgBIHQodDC1AThBaHVwtAF4vQOAAZEBiAGPAbABAbgBAw~CB4QChgBIHQodDDkAjjxAWjXAXDkAniADIAB1AmIAYEVsAEBuAED~CBwQChgBIHQodDDYAjjjAWjXAXCqAni_QoABk0CIAYWdAbABAbgBAw~CBwQChgBIHUodTDkAThvaHZwuwF42-0DgAGv6wOIAY7jDLABAbgBAw~CBwQChgBIHUodTDfAzjpAmjXAXDZA3i1dIABiXKIAY2dArABAbgBAw~CCgQChgBIKwFKKwFMMcHOJsCaKkGcKcHeJHAAYAB5b0BiAHR_gOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:810::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3053 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lt2xmr4z&chm=1&ctx=2&gqid=AIjcZcGANaqLoPMPlpyQSA&qqid=CKTG_9GEyYQDFWP5_QUdue0DgQ&met.4=fb.2w~lb.9v~ol.m1~bdt.-1yz~bpp.-1af~idt.-xk~dtd.-wl~dt.-1aj&met.3=200.28_q~492.9d_1~555.de~556.de_2~113.tc_2~112.tb_2&met.1=1.lt2xmqbn~6.1~7.2~8.2~9.2~10.2~11.2~12.2~13.1v~14.1z~15.23~16.cl~17.cl~18.cm~19.ln~20.ln~21.m1~22.9s~23.9s&met.7=CCgQCBgBKAEwRjiZBmgCcEN4liOAAeogiAHxR7ABAbgBAw~CBsQBxgBIGcoZzC5AjjSAQ~CBsQBxgBIGgoaDCqAjjCAQ~CBIQBxgBIGooajC_AThVaGtwvgF4pQyAAfkJiAHzcaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIGooajCABDiXA2i6AnCABHjHCIABmwaIAYgNsAEBuAED~CB4QChgBIGooajCSBDioA2jDAnCQBHiADIAB1AmIAYEVsAEBuAED~CAkQChgBIGooajCQBDinA2jDAnCMBHjISIABnEaIAfS0AbABAbgBAw~CBwQChgBIGooajDMAjjiAVB1WIQCYL0BaIUCcMYCeL9CgAGTQIgBhZ0BsAEBuAED~CBwQChgBIGooajDAAThWaGtwqQF42-0DgAGv6wOIAY7jDLABAbgBAw~CBsQChgBIGooajCTAzipAg~CCgQBRgBINUCKNUCMJcDOEJo1wJwlgN4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBIJwGKJwGMJsIOP8BaNcGcPUHeJHAAYAB5b0BiAHR_gOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:810::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A4B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
325970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 18:13:05 GMT
expires
Fri, 21 Feb 2025 18:13:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3688 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
22724ec7e9074d4c1ccb70b745d81750929a5686213619ef3c4594ea7e79c1e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m2mLVWWVjes2oiWaTVoudQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://obs.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-m2mLVWWVjes2oiWaTVoudQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 12:45:55 GMT
expires
Mon, 26 Feb 2024 12:45:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxXzSLlku1KanUvcezZKIFb6NYK1qf4Ebi-ku6jdbO13fgjW1xkOEnT8pzOqDx4N8lN-JxUXQ63lQMue12C1ZvghA9X9LtCwCCaSUSNAfM0K8ZAxZbHGsO-A5uIUuRjrB2Ruz_1SgQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXzSLlku1KanUvcezZKIFb6NYK1qf4Ebi-ku6jdbO13fgjW1xkOEnT8pzOqDx4N8lN-JxUXQ63lQMue12C1ZvghA9X9LtCwCCaSUSNAfM0K8ZAxZbHGsO-A5uIUuRjrB2Ruz_1SgQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTUxNTU1LDEyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vYnMuc2lmYW5vcm8uY29tLyIsbnVsbCxbWzgsIjZUR0xJVEhmVzZjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3eb0ddc9d975a2150dff53f244fc41f4b13185823d3a29233ef7b9e1e9db876c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X0-fe2REcDA_D8RO8gBezQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-X0-fe2REcDA_D8RO8gBezQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJicNSQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL5-pJJAog1gPid5Cumb0C8w8eDhW_ddFYVINZdP501FIhjnk9nTQHixawzWFcDsVP6DNYgIP6cOYP1NxD71M9gjQFiIW6O5gmf1rEJHLixKBgANG8_pQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmt2ztDHRmkwIineBb5okEQMJnWEc4i3Vgcunoa2Dkm4iv87eoE6r6NgTVl-Xhossm3_O6tEr0fT0StkTA06Ok5G9m-EVDAc7WGqWMNy906iskVw5jmjXMlEjGoGxSVYSe2MrrSQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmt2ztDHRmkwIineBb5okEQMJnWEc4i3Vgcunoa2Dkm4iv87eoE6r6NgTVl-Xhossm3_O6tEr0fT0StkTA06Ok5G9m-EVDAc7WGqWMNy906iskVw5jmjXMlEjGoGxSVYSe2MrrSQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LmhXKtpzN-CLqO6tnxeKhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LmhXKtpzN-CLqO6tnxeKhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm8CG7ZNqATAoFQA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://obs.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0E6u64TIdHZ5as1fB7vSh8oOHk-bPnrp-qxhVyVr1G4FMZL8mPGTM7Jg5JnYSJ3lgKXtT2qt_87k0CiHqZBV1pefV8b_pCxIIJ1Sw7NmbN5eI82Lp5l43M1PjXABfekf3N2frSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CWHcVS642YaStVroocK-1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://obs.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CWHcVS642YaStVroocK-1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5mie8Gkdm8CJpXvqAC6VFSc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://obs.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 2A4B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 13:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
83428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Feb 2025 13:35:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3688 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=499737103705669&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2A4B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AtKcgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 12:45:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7562 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-FF44TjHzBMpUh0vlTASsIxmR60VFzH3cUsWhBD0i4FewcuY6ruJrJGRvd--3lByYngiV7MKQo4moeaPAwTk88uOd7L7ntGGZl24pgI9nb2SrimVYznsi5gUe2XhYZUP8T50FfYH62pMVFey9Y4_vvzpUf8Bydpo&sai=AMfl-YSwBLzt41aZ-WsP-6Rub8IIvugxXHBMBwLMvum5QctAmwaeBppAg7Y3CfIg9A6N4P9duS3BG0sR-DfjLz5bd1i84L3Pm1p5X6-N9a7lwhweeyMubFGGXcKEE25zHf4yGhq6toELRulU0Uylxiy_&sig=Cg0ArKJSzH1O1G05xZFFEAE&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=488435400&rst=1708951554023&rpt=462&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DF2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwNnND9lxdCACTresgSRhJzaUJqVhOf-mH7AXgD1vDQOIfBzuZSrWUJLt86HroNg2PWkh0yIDqDDNE0WKZkgr4nTBAW3pAviklD-fh1daUXhlKkjDHJrdnZY8zvASsKHYHBJ8JbDoFGtUb63bN6r8h5FQQcxmqgZw&sai=AMfl-YR-VPnLPJuzNBYQDad13I98XQCWr5B5L7ySymvrQMiSrxR-rkmjqMtJFIjGRz_5s7bcAiMZuoXM7tU9SwP54eecfh28VhBDXDkghR8WAg3oMLj_9VBLzHp64Z3nE8FEHNQCzc6fh9C-CaYEXQy7&sig=Cg0ArKJSzJExU_2h1BP5EAE&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=488435400&rst=1708951554033&rpt=468&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lt2xmpno&c=499737103705669&e=44759876%2C44759927%2C95325257%2C31081152%2C42532523%2C44809004%2C95325066%2C95325752%2C31081354%2C95323761%2C31061691%2C31061692&ctx=1&met.3=1001.23c_1__1~164.23e_1~165.23a_4~166.22s_13~1032.2ga~326.2gb_2~832.2ge~868.2ge~216.2g9_7~215.2g9_7~843.2g8_8~889.2h3~639.2hd~112.2pu_2~429.32r_1~990.32u_e__2~353.32s_f~210.37g_9~1032.37r~326.37r~832.37s~868.37s~164.37r_3~165.37q_4~466.37p_4~1032.37v~326.37v~832.37v~868.37v~164.37v_1~165.37u_2~466.37u_2~1032.37w~326.37w~832.37x~868.37x~164.37w_1~165.37w_2~466.37w_2~522.37p_8~723.383_1~1013.3dx~525.3ds_n~525.3ef_n~525.3f2_2~639.3f9~639.3f9~639.3f9~264.3f9~264.3fe~264.3fq~264.3gu~264.3gx~264.3hs~264.3id~264.3if~264.3ip~264.3j0~264.3jf~264.3jv~264.3kg~264.3l6~264.3li~264.3lv~264.3m7~264.3mu~264.3ne~264.3nm~168.3py~168.3py~168.3py~168.3py~168.3py_2~168.3py_2~168.3q0~168.3q0~264.3q2~168.3q7~168.3q7~168.3q7~168.3q7~168.3q7~168.3q7~168.3q7~168.3q7~264.3qd~168.3rf~168.3rf~168.3rf~168.3rf~168.3rf~168.3rf~168.3rf~168.3rf~264.3rg~264.3rw~264.3s1~264.3sf~264.3so~264.3t6~264.3u4~264.3uq~264.3uz~264.3vg~264.3vz~264.3wd~1228.3xa_1~273.3xa_1~264.3xe~1228.3xq~273.3xq~264.3xv~264.3y4~264.3yt~264.3ze~273.3zv~113.3zy_1~264.42s~264.432~264.43k~264.45n~264.461&met.1=1.lt2xmmxu~6.14p~7.14p~8.14p~9.14p~10.14p~12.17c~13.1er~14.1et~15.1eu~16.20z~17.20z~18.210~19.3zv~20.3zv~21.3zw~22.1t3~23.1t3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:810::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3053 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFvxhCiZCk61DfTfxpYUfrsb3Trn89khgP3cl0Dgxpi4OHzGXVv_zahALXh_EQkOy-EgDuugEVDXLaF27nZF2e3YHmnspkWStGwxreeqacq6I_e5OUnG-OdBMM52KHwfYcarE6KdU3EVStceHtrW7zcGeW6r78G6g&sai=AMfl-YSHjN6GGcAYHMohRzRZ8tzOvPnhTI0hLj3NhOWFJ9Rc698Q1oXcbJ32jXG1_70Faq4SmmP94j19i0kyHKWOuJM6Ysp8Msc4_-jQa604NX3lJ83AFQYSy3ArBAAQOyxN_Ay_2C056iPQTRjglJPo&sig=Cg0ArKJSzM6uOTYytpnvEAE&cid=CAQSTgB7FLtq3skA6E7EC7QVBkskFtg2ExbMqTyOlpeiKSD0BbG6EtfgjTsgAuNLMug7HR1uTP1i7Ss6O2z8Od-6d9C9PEpJ6XK_xdPyrkf_ZRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=596,1000,1000,1000,1000&tos=596,404,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=488435400&rst=1708951553987&rpt=788&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:45:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=499737103705669&bg=!ERKlEl3NAAZ3BdUuVwU7ADQBe5WfOHgaZf2lEI2tRDo7VedNqxnkc4PK9QQlZ5mCYHhtyltOxsOCl-U3zI-4PHQEpeD6AgAAAHRSAAAAA2gBB5kC58rabHIOejs8097ET0RsrGNp0RkCbuT41sqa2a8rQuFjHmUaUP6J80-8r7VEzLbSBZNcaR6NQ91ex8SRHCxvnTDXDmttPrQ4a3ZujdnecGg_P61c6Od99oLgSbPU4_B1Zubvb1Xe1-AdO7_euBfB5Ss9fQpH6k8ohOcqrQXHirz6LVMHwIjbZQlgUXSzrcSAht9vVlSr6CgZ9kMVd_IlkBBzc3vhUFDEX_fOU_4TiK63cIfCgVU6MK1BrrYFC9rr1lJX6xWebaFKhofdb2rQUVjDbeWSKWoDeSinIxtqpsqrpd-k4iiPoWckJrpQuyrE4hQ0zFjdErcwwDC3GeFfMLyexA6zs19fYNKAd-VgnJi386WvfnzJJbzOIdT8ePWWoEMImljs828yQp-m_RuJBdu5_7hvanLU_dpMtqnc6oTFkC63X0hjN1LHPwoHSIB8jmh0C03yRjeAnDfz37750YZ4FZN04y1JwyNHMgJSpWxUqjDnnC2hjGhenkzMPAuwI-zLN9znbUbKVio81ggZS2tWVh7VM_cNGXYaFk9S-QwSJwGmskkFIkSYN4_ErxIAdqy4IJ1iJS4QH1oWUpaw_ZRB5AAKMYqbmk1aGRGZU9T1zck_0MdmwJ3j042nUfYdfU6gdEpTHErSYGJNGoNoPaiRRJNnK8cyNQTESSmqZdNuBj31o4qJC4nTzOlsz6tvbZVJLYYCPhJ-4oX9V6FwSh0rdYu5OK6UxVqAGA4933utAGYZhm1os8clyn3RibEycM1NHp44T2QMiahSotvnNreOkSHf0ony11arVodnxD_Fv9M_4ZiSPRl45AUnkUzpIwK6f40rWbbcrHh1SGq3TZgaIoV93xaDMsINNT_y79vhCBX7zsHyH8cq4lbqG-uz0n69xBr9y9fas8F1xUzpFjXAubvqsl9dIg-uQq2SDcufBXnjWWENSH6QKn1zOPQantkHAuEyXueLFZuFZTRc7veB3Qt4ihqE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://obs.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| nav_tag function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| st_go function| linktracker_init object| wpcom object| _stq function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element boolean| ai_process_elements_active function| MobileDetect function| ai_process_lists boolean| ai_js_code function| goToTop object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp function| google_sa_impl object| google_rum_config number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDY5OGE1YzQ1MTI4MzY5YmxvYWRlcl9qcw== string| NDY5OGE1YzQ1MTI4MzY5YmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag undefined| google_rum_values object| GoogleGcLKhOms boolean| 0d33f141-e34f-4671-b73d-a4f59bd93c94 object| google_image_requests

9 Cookies

Domain/Path Name / Value
.sifanoro.com/ Name: _ga_7C0ENHQWL0
Value: GS1.1.1708951552.1.0.1708951552.0.0.0
.sifanoro.com/ Name: _ga
Value: GA1.1.2127811384.1708951552
.sifanoro.com/ Name: __gads
Value: ID=7847bc9d99b923bb:T=1708951552:RT=1708951552:S=ALNI_MZ5t8mvDHaU7pUN2XWYQGOghjiepQ
.sifanoro.com/ Name: __gpi
Value: UID=00000dcd2cd0cc76:T=1708951552:RT=1708951552:S=ALNI_MbaJEsw_W4ZSCEFtqqA3J33sAxmVA
.sifanoro.com/ Name: __eoi
Value: ID=30461a1842269047:T=1708951552:RT=1708951552:S=AA-AfjZvCAN6vjy7qSWEzrvZaFCr
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkJKlyVfRhbGDW9l-v-KNJJcMbFq6EzriA-aN5qzClIJ6eulCMPFpsAwlisUfQ
.sifanoro.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9ZUUJPsZ1m1Quqi9a7nQepePrLNqMvD-L1rem-e-xICxg-MrsMIq7nGtwXdRL_iQEoEhNktmoCqxG_4I4rGhAW4KqAzgh-IzA2Kv8V1tHD3geFRlgvyvGZbRW6eTgajALBukDorR5yLaV6X6HmRWSm8GSDDg%3D%3D%22%5D%5D
.googleadservices.com/ Name: ar_debug
Value: 1

35 Console Messages

Source Level URL
Text
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://obs.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
obs.sifanoro.com
pagead2.googlesyndication.com
pixel.wp.com
securepubads.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.obs.sifanoro.com
109.70.148.62
142.250.80.34
192.0.76.3
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:821::2003
2607:f8b0:4007:810::2003
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
22724ec7e9074d4c1ccb70b745d81750929a5686213619ef3c4594ea7e79c1e9
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2c6f04a6a13d0d7ca4af854703ec15df051a50a81fdda7661b08f2e05f87044a
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ed0de3ecfed83b47fc54d08967af8e2ff8015def35332b44f0fda492d8177af
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
359c497df47b42f37abc9c8edec3aabb9ff8dfa398dbb5031e77ebe219ddc081
3eb0ddc9d975a2150dff53f244fc41f4b13185823d3a29233ef7b9e1e9db876c
3fed26119f8fc7964dbaaff3bdee97b8629b4e22528129626039d8c7f352a1c5
40902fb21405ff0febc01c128a6f991595e54dd83350e5f1d7333e981ad134b7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
440f9fc37e266bce67321b9af6cf511b805312051b820928ef239cf94c5f72b6
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4c9e9c95b9f2f6084f9b309c52612c3ec6de3c02cc126393f87a7024f7db3660
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d8d63c7105bdf81697c409c16daa6ba4022f0c4f6ed7c8e997db119ff76290
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6484b2fac3919fff12364243a1cd28c743022728eadb0b5095ae56a1fb43fc92
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6bffa86c8c25cc97b9683a3c146f72b5dfe66bdbf26bba4bbcbe1afc13d696fa
7a6a92a60507dd5854e3f53f33bcb8bb56ac2941f2130eb876e4f4bb8d68d61e
7c56eb6ef3bddbe3acf71c0c4fa78b60a76d120e2781d6eb15f5e87e730026b7
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
85c8020d104b096891305f8cf3e21a5e97775d5b19d47c2d14ad952875382f49
870ba16a514ed4c9afed07e855b67f7aa4f097a7497ce7b920bd6e31ed3c0349
8eb324b579a44526d14b1869d5731b2cea513b97d423f70d0ec9839da8e642f6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e
9af90d9f514d31ef12228ec674749d78afa9a0c503cdb8131740b7c79e93123f
9c30d0263601a0cf7396177045116f190f87f649664752091fe47b5be67f3b1b
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
afe98f8b8845ca7a1b92397e5a310c0a88b8c1bd2f55c58a813bdd9792114085
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
b5dbdf8fe5b16959592ea527eeae9d0a7d34a1090d3967e2e4bc1ed60b45014d
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc3f0979e101efe27fcee670fe0fa77355e102e5f42680028ecd56d32b3089f6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
d806c916378897bc3f1c2f9d77e62e55b763b068a6af4899267301a14af8e9ca
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e
ea030aaeecd32599c9021739d68b36832d398783af4f7b86888ec6547bc76d15
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f314641b7d6245c3f74b2d1db3b1d22028125c4d96208bbab26b0032c8ecbfd7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
fa5e64359ede4a51586bdc860d74dc298295e21a28bfbc4660a0954a8baae3b2