Submitted URL: http://163.172.68.188/
Effective URL: https://163.172.68.188/
Submission: On July 27 via manual from MD — Scanned from FR

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 39 HTTP transactions. The main IP is 163.172.68.188, located in France and belongs to Online SAS, FR. The main domain is 163.172.68.188.
TLS certificate: Issued by awais.qazi.host on January 30th 2024. Valid for: a year.
This is the only time 163.172.68.188 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 despreserialero.me
despreserialero.me
222 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
215 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 gstatic.com
fonts.gstatic.com
43 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
102 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
751 B
39 8
Domain Requested by
16 despreserialero.me 163.172.68.188
despreserialero.me
5 pagead2.googlesyndication.com 163.172.68.188
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com 163.172.68.188
1 fonts.googleapis.com 163.172.68.188
39 9

This site contains links to these domains. Also see Links.

Domain
despreserialero.me
wordpress.org
tielabs.com
Subject Issuer Validity Valid
awais.qazi.host
awais.qazi.host
2024-01-30 -
2025-01-29
a year crt.sh
despreserialero.me
WE1
2024-06-27 -
2024-09-25
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh

This page contains 5 frames:

Primary Page: https://163.172.68.188/
Frame ID: 3C64406C9A4C1C21492C5467937D1F2C
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/zrt_lookup_fy2021.html
Frame ID: 8D3C8D0C813B1221E7898BF3B9D2E7DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2957088714048101&output=html&adk=3046330955&adf=2044148826&abgtt=6&lmt=1722089357&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F163.172.68.188%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_8~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722089357115&bpp=3&bdt=378&idt=273&shv=r20240724&mjsv=m202407230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4671838330260&frm=20&pv=2&ga_vid=151067352.1722089357&ga_sid=1722089357&ga_hid=1273358624&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95331690%2C95334527%2C95334829%2C95337868%2C95338257%2C95336267%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=116660732927034&tmod=1600209982&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: 4AA152544CABD022435B859D57E0AB7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 572108C48EB8BE8FB4C1E01BC930E6D4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C27A60BCE9940B05F8E39FA1F2233922
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Despre Seriale ro | Despre Seriale Turcesti | Despre Seriale

Page URL History Show full URLs

  1. http://163.172.68.188/ HTTP 307
    https://163.172.68.188/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

79 %
HTTPS

55 %
IPv6

8
Domains

9
Subdomains

12
IPs

3
Countries

595 kB
Transfer

1699 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://163.172.68.188/ HTTP 307
    https://163.172.68.188/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
163.172.68.188/
Redirect Chain
  • http://163.172.68.188/
  • https://163.172.68.188/
52 KB
12 KB
Document
General
Full URL
https://163.172.68.188/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.68.188 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-68-188.rev.poneytelecom.eu
Software
nginx /
Resource Hash
b207894ecd301b5f3837411a977a3016a10487eaf9310c80ae0fa73fa8968812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 14:09:16 GMT
link
<https://despreserialero.me/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block

Redirect headers

Location
https://163.172.68.188/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
despreserialero.me/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://despreserialero.me/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1533074
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 03 Apr 2024 00:47:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9c6OeruYJJ4Jkm8hR2m%2BD2udUPdjFeAeGWy4ZEJEkDrI1NNcO0ERvYjKruc6xODiZ5pIHZkLXws5oW5t2qpsezXzc0jrlujpQT4CdhAIddpLOPYPynhZpOgQ5CB8xWlX7WiEznWsuadUAjg3OeThHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a9d34d06a649eb6-CDG
expires
Thu, 08 Aug 2024 20:18:02 GMT
style.css
despreserialero.me/wp-content/themes/sahifa/
201 KB
38 KB
Stylesheet
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/style.css
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d6e641918d96eab6ca52a42423b26addbd69e95af4473a6936231acb454446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1533074
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIVFsHnXu9ID%2Bz%2Fq6Ff7Q46KDpWrtYF%2B9zi8bXZfBI2kXvPjp0Xu%2BgKYDA%2F49Vu8ck7lPbktqx05FKMgtS8AwndkzkCmPKv7e0janRmrs7Iigj%2B6Aj4DJmuIPLb7hOQtyIE93oOXITNb3xTJGscSZtk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a9d34d06a5f9eb6-CDG
expires
Thu, 08 Aug 2024 20:18:02 GMT
skin.css
despreserialero.me/wp-content/themes/sahifa/css/ilightbox/dark-skin/
7 KB
2 KB
Stylesheet
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1294272
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m59NHnj%2F3lQWAkhZ1ICLAGc4bkhMD4GRrUQOHRMJsApQ%2B8Ljo0VIx3oSXbcCrifK8iYLVDMwM6oGTmCUWGlQpCujOstwqu9OXOR6iSfh3DoO9pjO1HSpSj1ZuYCtEsdYI%2FaXgvdS1qHGbOm8Yea0qhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a9d34d06a619eb6-CDG
expires
Sun, 11 Aug 2024 14:38:04 GMT
css
fonts.googleapis.com/
802 B
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jul 2024 14:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jul 2024 13:44:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jul 2024 14:09:16 GMT
jquery.min.js
despreserialero.me/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://despreserialero.me/wp-includes/js/jquery/jquery.min.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1533074
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 08 Nov 2023 00:51:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckOPb8N%2FKyJBuncMR8WgyxKyHZHkUWtixO4SweA0oF5xu2SdsIUXTy9cz77ajcr%2FII1Q%2FKYGSZitO2TKt5l69fJA0iWt%2BYxoNFb%2BjwW6u%2BeajysabFPhh08hWksSEOuiMvIpCEzmiNC1G7XceDylZro%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d06a669eb6-CDG
expires
Thu, 08 Aug 2024 20:18:02 GMT
jquery-migrate.min.js
despreserialero.me/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://despreserialero.me/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1533074
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 09 Jun 2023 09:19:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FEDv1W8mCIoEp6RHrc207l97HBGdMlYYYVMmmLQjbV10Sk1WBv6ZLoKyUP6ulb3gkToMbtpHmgZUMlwTuqyhhJzQr8Zo6ydl0xt1sl4LI1ebhtB3E%2F7HdhsRLbnrNy3PbfJVpSsjN0HCYgAlsz59Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d06a659eb6-CDG
expires
Thu, 08 Aug 2024 20:18:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2957088714048101
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
d8e07b89664d809ef3afad52b3294e49ce3c533f7ad2c1b76b4399ddd7f0eb6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
Origin
https://163.172.68.188
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53490
x-xss-protection
0
server
cafe
etag
12610636560355829875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jul 2024 14:09:17 GMT
Pescarusul-Subtitrat-in-Romana-300x169.jpg
despreserialero.me/wp-content/uploads/2023/09/
15 KB
16 KB
Image
General
Full URL
https://despreserialero.me/wp-content/uploads/2023/09/Pescarusul-Subtitrat-in-Romana-300x169.jpg
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f5d24ba65643e721feed18b1c501c95283984dde81d1195b84397516044b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15610
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 16 Sep 2023 06:06:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoysTOPerpNCZ6uIonuSXXL7SxjQm%2FpdCZKiJruqWhk7YuL5vHx2jus6RhvHaC05cmhfTwoIOAgI8XLw3TGDfElalapI5E56%2B3zpKgAe1lOsVdNP3ntca3RIEqvXsaHbjBV0PJaX3UEBv7K4GCn1BAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d06a679eb6-CDG
expires
Wed, 25 Sep 2024 14:09:16 GMT
js
www.googletagmanager.com/gtag/
306 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J54JNFRX0D
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c250be19f51f5415b0e63268e11f903cad6d3341546cc3ca1d1febfcf6cb81db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 14:09:17 GMT
tie-scripts.js
despreserialero.me/wp-content/themes/sahifa/js/
75 KB
22 KB
Script
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62d244a8ba87ba4f07250da0e9b31327b74e7dd2ffa5e33eef3e6cc3c9ff631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1538691
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqffxDtDGPrxU%2F7ZMcqeJM5vBLeB40r5RAIvPWX9Pcz6dVH0Gz0CkEc6U042gHhxPs%2FvtfZIT3ELJC5%2Fa1qnX6b2WFkebXPc0f2jhQO5lEyazeMUmPQyvoLbeDjBzCxaPPt1tFSG1cQV2O%2FFvkDFTdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d09a8e9eb6-CDG
expires
Thu, 08 Aug 2024 18:44:25 GMT
ilightbox.packed.js
despreserialero.me/wp-content/themes/sahifa/js/
78 KB
25 KB
Script
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1920512
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dccDrcg7VyVYzl3aXHCUx2rmlpsWI59USZMDlhY2Q%2B%2FtBhKiEMkhxPD5XdqcT6%2FMsoa9vRm8yiocROh%2BM%2Blw9FqsunllELScfJx1lshf%2FOTgVcYSnyWFz2D4W1ZB8rH4IrYZS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d0ddddbb4e-CDG
expires
Sun, 04 Aug 2024 08:40:44 GMT
owl.carousel.min.js
despreserialero.me/wp-content/themes/sahifa/js/
23 KB
7 KB
Script
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/js/owl.carousel.min.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1011814
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGpDaS1VQHVvAJwVCwvbk1cpEx1bDAPI%2BX2chCMdlZVogz0zlk5QPHdIMugHW0KV%2Be9fnmdgmbzDXvT5GQId4pza80exKUHcNeA04fju8ZnDVwm0v2bx9liIF3nJi78kMlZTCcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d0dddebb4e-CDG
expires
Wed, 14 Aug 2024 21:05:42 GMT
786c2789-a559-4851-a99a-fdf8b7d9816c
https://163.172.68.188/
1 KB
0
Other
General
Full URL
blob:https://163.172.68.188/786c2789-a559-4851-a99a-fdf8b7d9816c
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
body-bg7.png
despreserialero.me/wp-content/themes/sahifa/images/patterns/
21 KB
21 KB
Image
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by
Host: despreserialero.me
URL: https://despreserialero.me/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://despreserialero.me/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1397023
alt-svc
h3=":443"; ma=86400
content-length
21146
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LLnbV5Fq8GFmHrqbPF4yGzHppPNy2H1lh8J7j7yTDOI9Ox7TWeUZ6HKB7x77X%2B4RnD9l8e3lPUNaFTizbb6PhcLnIqopicH6DHqUcvmsuBcBESBmTfM8tlMdMsrfUtkgeHTW4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d0dde6bb4e-CDG
expires
Mon, 09 Sep 2024 10:05:33 GMT
home.png
despreserialero.me/wp-content/themes/sahifa/images/
1022 B
2 KB
Image
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/images/home.png
Requested by
Host: despreserialero.me
URL: https://despreserialero.me/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://despreserialero.me/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1377791
alt-svc
h3=":443"; ma=86400
content-length
1022
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAwL%2Fv5MPSEQaMAplCdy1ePBojWPfzsISfbzF82dTVtzu5wDsa8Z%2F4J6CiS70Oqug3vkCh7Ez3GiUBRCvxHrIEOhRXo5INJfq%2BfgG2auBEn8Iis5HoGwiEcdjjwvabpC9nq0dwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d0dde8bb4e-CDG
expires
Mon, 09 Sep 2024 15:26:05 GMT
stripe.png
despreserialero.me/wp-content/themes/sahifa/images/
93 B
620 B
Image
General
Full URL
https://despreserialero.me/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: despreserialero.me
URL: https://despreserialero.me/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://despreserialero.me/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1542342
alt-svc
h3=":443"; ma=86400
content-length
93
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 01 Mar 2024 19:42:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjtJsTMzbrDM1q7%2FQKHOy8xZABtH870IXDL6wB73AoAvza0cMijeN5h5b%2FR7aLpcmALqFLU7Ujk8AGm9gGydgNXZCW5xGoHnwjfzp0cnGJsthU5pXN%2FdtDqrfXYtvMtYXQc9qJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d0dde9bb4e-CDG
expires
Sat, 07 Sep 2024 17:43:34 GMT
fontawesome-webfont.woff2
despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/
0
0

SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163.172.68.188
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 19:16:04 GMT
x-content-type-options
nosniff
age
413593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Jul 2025 19:16:04 GMT
BebasNeue-webfont.woff
despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/
0
0

SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163.172.68.188
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:45:59 GMT
x-content-type-options
nosniff
age
354198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:45:59 GMT
Nu-Ma-Parasi-Subtitrat-in-Romana-300x169.jpg
despreserialero.me/wp-content/uploads/2023/09/
14 KB
15 KB
Image
General
Full URL
https://despreserialero.me/wp-content/uploads/2023/09/Nu-Ma-Parasi-Subtitrat-in-Romana-300x169.jpg
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283f345703d29e7c895590f1de0c7a70e84a670c4c6c9e8679a3c8159590feec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267852
alt-svc
h3=":443"; ma=86400
content-length
14376
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 15 Sep 2023 07:00:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8UhuQWcLkd7rsPA5jUDORHKzJqmDX921ZNnN9%2FajnLTkiWwyRZgXKyWBRL9eCXsS%2B8kFYo6NfFUujtu3NoDgGCFDHXFeqEMlts7HAzABtHjM3B9ltyfp51AWzlxcSoEZPJW5xY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d0fdf1bb4e-CDG
expires
Sun, 22 Sep 2024 11:45:04 GMT
Fatih-Harbiye-Destin-la-rascruce-Subtitrat-in-Romana-310x165.jpg
despreserialero.me/wp-content/uploads/2024/07/
12 KB
13 KB
Image
General
Full URL
https://despreserialero.me/wp-content/uploads/2024/07/Fatih-Harbiye-Destin-la-rascruce-Subtitrat-in-Romana-310x165.jpg
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e7e7bdd792d557bfb74b806188408919f3b7251c7ac7a0b6bbc797538864d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
685443
alt-svc
h3=":443"; ma=86400
content-length
12316
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 13 Jul 2024 06:54:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmNsFOlgGCwnXfqa2STygIkYEmV1G861Vk8LxhPrJq8j4Pb8Y4H1bubo5DamCbRr6yG3136hb65GOvJWTHGan9FEWtkHC%2FyWaLuoPMy5oHhDdiGc4J%2BhHzJNJphjgZS5ENxBJT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d0fdf3bb4e-CDG
expires
Tue, 17 Sep 2024 15:45:13 GMT
wp-emoji-release.min.js
despreserialero.me/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://despreserialero.me/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1012587
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 03 Apr 2024 00:47:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqBIPdmqec1LF%2Bfv8BVZTW0Qra7TT0Zl6MCxcTbfdiKJ5MoPRW1aN2YYfgK3VsFL3xGHCpxtvQa1s204AdkWACSWQPikqriWBFTerXjXMFmFKuhEKSlzLQgy9rcvoVoNsLb5vjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8a9d34d13e1abb4e-CDG
expires
Wed, 14 Aug 2024 20:52:50 GMT
BebasNeue-webfont.ttf
despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/
0
0

fontawesome-webfont.woff
despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/
0
0

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2957088714048101&plah=163.172.68.188&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2957088714048101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
29710b8827468afceaeb962f1e989bea6d65e33cadf14c154902c19e50848748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146385
x-xss-protection
0
server
cafe
etag
4189589312025570201
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jul 2024 14:09:17 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J54JNFRX0D&gtm=45je47o0v9178822455za200&_p=1722089356926&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=151067352.1722089357&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722089357&sct=1&seg=0&dl=https%3A%2F%2F163.172.68.188%2F&dt=Despre%20Seriale%20ro%20%7C%20Despre%20Seriale%20Turcesti%20%7C%20Despre%20Seriale&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1128
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J54JNFRX0D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 14:09:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://163.172.68.188
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.ttf
despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/
0
0

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/ Frame 8D3C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240724/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2957088714048101&plah=163.172.68.188&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
47565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jul 2024 00:56:32 GMT
etag
2738592464165616
expires
Sat, 10 Aug 2024 00:56:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 14:09:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 163.172.68.188
URL: https://163.172.68.188/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 14:09:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4AA1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2957088714048101&output=html&adk=3046330955&adf=2044148826&abgtt=6&lmt=1722089357&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F163.172.68.188%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_8~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722089357115&bpp=3&bdt=378&idt=273&shv=r20240724&mjsv=m202407230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4671838330260&frm=20&pv=2&ga_vid=151067352.1722089357&ga_sid=1722089357&ga_hid=1273358624&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95331690%2C95334527%2C95334829%2C95337868%2C95338257%2C95336267%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=116660732927034&tmod=1600209982&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=286
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2957088714048101&plah=163.172.68.188&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jul 2024 14:09:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240724&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2957088714048101&plah=163.172.68.188&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
6115c02503b90c720c87dbb3744b5068bbefe9575b992f337f90fd83885899e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12905
x-xss-protection
0
download.jpeg
despreserialero.me/wp-content/uploads/2024/01/
5 KB
6 KB
Other
General
Full URL
https://despreserialero.me/wp-content/uploads/2024/01/download.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a51de9505509987d3b15937a001fc39808e85354b8088ef9656a14c8e363510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182925
alt-svc
h3=":443"; ma=86400
content-length
5501
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 31 Jan 2024 15:57:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLKVz5GEPz%2F78kUxMVzTahCSX3eotARwajFLPdbrmqloAl%2BdKU0bxj%2BSLWKHaDTYorioJicWM%2Fl2jIQDqDnmpo7sUCFNwykRSJrQ7HcuMn0PzNhmHRqQWMnQriY0TdglF1I3Iu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8a9d34d4f8ccbb4e-CDG
expires
Mon, 23 Sep 2024 11:20:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2957088714048101&plah=163.172.68.188&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 14:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jul 2024 14:09:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5721
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://163.172.68.188/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
22736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jul 2024 07:50:21 GMT
expires
Sun, 27 Jul 2025 07:50:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C27A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZCU6pASKaTAIxy7izlwtRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://163.172.68.188/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZCU6pASKaTAIxy7izlwtRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jul 2024 14:09:17 GMT
expires
Sat, 27 Jul 2024 14:09:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
despreserialero.me
URL
https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Domain
despreserialero.me
URL
https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Domain
despreserialero.me
URL
https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.ttf
Domain
despreserialero.me
URL
https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0
Domain
despreserialero.me
URL
https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240724&jk=116660732927034&bg=!LS6lLmHNAAYaZPuaOmQ7ADQBe5WfODcdQeHVLR2GuScF2-_CkN6xRlsPISHMxcZ12SEtUDYcQdeUMOgsV_oGN_cQHnUWAgAAADtSAAAAAmgBB34ANjgn64s5revsEkPtpA6KE9IK1a5OZFS2Zah3u4Pmlhvot55iK9wdlK1l5OA7GorI1Qh1t_awX5kCsUee9pUJyTNI8Xn2teWH3QZbxE7bF7vWkCKDsXWuOtKECKPpRdv0GfEdQ6Wr2HVkV1RfRVvjJgWChBbNkc1hcVZ_ET1nsLRFn8SFb7u2WVcEpkTmMHxH57daYbZkPsTk2U-Wc1wRsUSrIR__bmT_L7iBFCeKUyaL3nc7BtawID5_Ow5F1XAeZYyMuSh5ecG2RV4tL7pX1sik7BqK_mosfq8wTomV5J3PCn2CxideSSCH3khnD1FSkZVRoPkcafI2418NwHaufynQxmPJULjyP_VDNC_XYOD-F8x-bvhISZ49aWtxNQrzmDIZnULOnywGBeRpRWssKdS51I1Q19-2U5_7x_gUXRHO-LA8cirvxhDnR2Osm7tcQr_j1K8NEKIC0fgBJpLSDYY_7TBUzCgS_QrZvBn2iud4CQk9I2a9omG6hSRihkDIF8x2YRw_xuXB_xX68sPKNURPDRfVoVEIXgXp4E-5eRRX2_2Onc-5TIOWS8EeZHnfeyzS13BEeHs4KIYkQJYCH5OVPc1DvWGottoE63C2Bxw8Zkn0dKiC3Immn7M3vQKLY2c8ciRYQTJ5BHkewOnh444oaQwtNIWRxYRXIRPb92oxI6ujctmc-qBrsk9hD_6Vt3iq6lgK8NSsxe3MnI4wuCYINDv1DYrNzCtaWwaEupD3nAR7pf9s4aiRduz85IdfC2bObOu_dH6r446yfAO6WnkQS6cgI8iADZ_ANiDONp4M1Y-JU5Rvp7uFFDIEL_9IMr9JKNJ8tPYsi6gYuY3WZG0rEAdiwA8Yn9SzuYUPDKtAyTTBmktfEx8MyJtIo-Perrf186I0o8qmhs1073xIHDGMbKAkXklm5YmJx39Cp-vkJMl2TNF2GMqKSwnMWaTmomXJpwKcqda6VyBJiEgXY0MVPu6Vsa-sU7j5

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| tie function| createTicker function| typetext object| tie_isMobile object| html5 object| Modernizr function| yepnope object| browserPrefixes object| $window object| $the_post object| $wrapper object| php_js boolean| isActive object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
163.172.68.188/ Name: _ga_J54JNFRX0D
Value: GS1.1.1722089357.1.0.1722089357.0.0.0
163.172.68.188/ Name: _ga
Value: GA1.1.151067352.1722089357

10 Console Messages

Source Level URL
Text
javascript error URL: https://163.172.68.188/
Message:
Access to font at 'https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff' from origin 'https://163.172.68.188' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://163.172.68.188/
Message:
Access to font at 'https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://163.172.68.188' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://163.172.68.188/
Message:
Access to font at 'https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.ttf' from origin 'https://163.172.68.188' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://despreserialero.me/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://163.172.68.188/
Message:
Access to font at 'https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0' from origin 'https://163.172.68.188' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://163.172.68.188/
Message:
Access to font at 'https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://163.172.68.188' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://despreserialero.me/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

despreserialero.me
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
despreserialero.me
pagead2.googlesyndication.com
142.250.185.132
163.172.68.188
172.217.16.194
172.67.165.159
2001:4860:4802:32::36
216.58.206.66
2606:4700:3034::6815:1002
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2008
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
283f345703d29e7c895590f1de0c7a70e84a670c4c6c9e8679a3c8159590feec
29710b8827468afceaeb962f1e989bea6d65e33cadf14c154902c19e50848748
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58e7e7bdd792d557bfb74b806188408919f3b7251c7ac7a0b6bbc797538864d1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
6115c02503b90c720c87dbb3744b5068bbefe9575b992f337f90fd83885899e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
94f5d24ba65643e721feed18b1c501c95283984dde81d1195b84397516044b8e
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9a51de9505509987d3b15937a001fc39808e85354b8088ef9656a14c8e363510
b207894ecd301b5f3837411a977a3016a10487eaf9310c80ae0fa73fa8968812
c250be19f51f5415b0e63268e11f903cad6d3341546cc3ca1d1febfcf6cb81db
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0d6e641918d96eab6ca52a42423b26addbd69e95af4473a6936231acb454446
d8e07b89664d809ef3afad52b3294e49ce3c533f7ad2c1b76b4399ddd7f0eb6f
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62d244a8ba87ba4f07250da0e9b31327b74e7dd2ffa5e33eef3e6cc3c9ff631
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216