info.rosecrossinfo.com Open in urlscan Pro
3.231.241.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://info.rosecrossinfo.com/
Submission: On October 03 via manual (October 3rd 2024, 10:54:07 am UTC) from CZ — Scanned from CA

Summary HTTP 83 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 83 HTTP transactions. The main IP is 3.231.241.38, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is info.rosecrossinfo.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 23rd 2024. Valid for: a year.

This is the only time info.rosecrossinfo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.231.241.38 3.231.241.38	14618 (AMAZON-AES) (AMAZON-AES)
16	2600:9000:251... 2600:9000:2510:8000:4:cb6e:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
3 8	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::64	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:400d:c04::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::84	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::6a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c0e::5f	15169 (GOOGLE) (GOOGLE)
3	173.194.204.155 173.194.204.155	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c0d::5e	15169 (GOOGLE) (GOOGLE)
83	15

1 3.231.241.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-241-38.compute-1.amazonaws.com

info.rosecrossinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2510:8000:4:cb6e:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.dreame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1b::9a (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:400d:c04::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c09::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::6a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	74 KB
16	dreame.com files.dreame.com — Cisco Umbrella Rank: 189738	1 MB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	104 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	75 KB
9	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	229 KB
5	gstatic.com fonts.gstatic.com	70 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	60 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	104 KB
1	rosecrossinfo.com info.rosecrossinfo.com	7 KB
83	11

	Domain	Requested by
16	files.dreame.com	info.rosecrossinfo.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com info.rosecrossinfo.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	3 redirects files.dreame.com securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googleadservices.com	info.rosecrossinfo.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	files.dreame.com
1	info.rosecrossinfo.com
83	14

This site contains links to these domains. Also see Links.

Domain
files.dreame.com

Subject Issuer	Validity	Valid
*.infocrossroads.com Amazon RSA 2048 M02	`2024-09-23` - `2025-10-22`	a year	crt.sh
files.dreame.com Amazon RSA 2048 M03	`2024-02-23` - `2025-03-24`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://info.rosecrossinfo.com/
Frame ID: 352E43EBF9432B6BDD854C4759F4077B
Requests: 38 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: CA6ED58B9D5CD3E4091834C430533B6E
Requests: 1 HTTP requests in this frame

Frame: https://663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89ACFA0F5ED37339FBDCB941C7EDFD55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 9C024F74864469250F7B1FDD081A8B94
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC211171F1BA039A03A0653780E0CBF9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: B6D041DF1964AAD02A7C30729FAD47D4
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: C614ADC1E075131A97436AAF6A5D273A
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: E46014EFD11409F6596FD04D8B65F50B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

INFORMATION-LIST

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

83
Requests

95 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

15
IPs

1
Countries

1728 kB
Transfer

3732 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://files.dreame.com/S/wehear/privacy/About-US.html
Title: About US

Search URL Search Domain Scan URL

URL: https://files.dreame.com/S/wehear/privacy/Privacy-Policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://files.dreame.com/S/wehear/privacy/User-Terms.html
Title: User Terms

Search URL Search Domain Scan URL

URL: https://files.dreame.com/S/wehear/privacy/Contact-US.html
Title: Contact US

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://securepubads.g.doubleclick.net/pagead/adview?ai=CmT-0y3f-ZpGAC_eRqMwPq_L0wAL8oMyqeobB94ubE9-864-UDhABIJ-tzIQBYP2AgIDoA6AB6f31zwPIAQngAgCoAwHIAwqqBK8CT9Dxe5Bklb9844bRg_Z6r9iVuq2NGho_y8STU5C-HhtpzxTRcY4lg0jyar7DP74dCSzVqpGwy4CVktTOhNoZAt6zWYHlq0AtPtjHo3z0hNjG0WAUkKEKwQs7Oxh23Q05dnpLvYMojBaA4JSBgTqQkR0w-uoK_AhVTZHHZ-YXpSmT64ZtGeeYiIveDG5W19bYwG0Umvv-29DReheMsmPrxBv0qA2alKvclgDAGT5gJEY8zv1HwNwicG4E9VuxCdoQxVcEBIGZMkxZu4HRUTlByq9tgeSz0Za308VTNgXUkNKcPAvIjEWUE0p33ly6vxSe3_HB-H-J2YP55swQhZMT9PoerHpgQjUKWJ3kgPDsHcWgfB3CSykTD1m-vv98tCNyt4NflP-3iu2FHBf5B2vgwATX7MOE7gTgBAGIBded8_ZQkgUECAQYAZIFBAgFGASgBi6AB5_kirgEqAfVyRuoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBRD9s8cH0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYuImf-4XyiAOaCUpodHRwczovL2Zhdm9yaXRlc2VhcmNoZXMuY29tL2luZGV4LnBocD9yZ2lkPTEyMTY4MzAmc3ViPWdjbGlkJmdhZF9zb3VyY2U9NYAKA8gLAdoMEQoLEPCz64SOkYjN8AESAgED4g0TCNWsn_uF8ogDFfcIigMdKzkdKOoNEwi18p_7hfKIAxX3CIoDHSs5HSjYEw3QFQGAFwGyFyAKHAgAEhRwdWItMzg2NDIzOTIwMTUzODI3Nxj0oHsYAboXAjgBshgJEgKgZRguIgEA0BgB6BgB&sigh=xs0FbxfGjDQ&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgDpaXnfIRTzYby4BD7KKlNhvxAIKndLXgtd6h36XL0v-NYMpQUs4_thKICdennM_ETYHK7_KoZVVOxiHhsYZW23rQUhkUyBB5lR1graFBgB&template_id=5000 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1414905ced33556c0000000000000000%22,%222%22:%220xf7dae97d3e372f6f0000000000000000%22,%223%22:%220x38516506a6795e330000000000000000%22,%224%22:%220xdc7673d35aa9ee760000000000000000%22,%225%22:%220xef09308fe4a744570000000000000000%22},%22debug_key%22:%227403839426886734644%22,%22debug_reporting%22:true,%22destination%22:%22https://favoritesearches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217980780860841896465%22}&andc=true

Request Chain 65

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrfwJy3f-Zr-zL8iTqMwPoqS1gAH_ieGMeq-LidaYE2QQASCfrcyEAWD9gICA6AOgAbDKx-kDyAEJ4AIAqAMByAMKqgSxAk_Q83G_2-qeflfEz007BiqBV7dufmzakYLhkJzdZYq7CqSOd6OBRI1GoCOKMRNjE10JqGp0dkdTvR25K1sreYRfa4umO_xf0K0ymo5Xxvo_3QFXx6se6MJROhWp8BZjp9I7WEHnlSxtw6BW_Sod3IidRaTZ9-M9dPjbs4G6_DXo0-FCBd34Eo4CWvHraY2-39ew0zV39A4MtxeoOOwPOvxYuPOUYaiETAk7Q3pO9Q5y-fesRGKFnkq8VdNTk0xqzinjo4pbJHSvhfSbOZmyBzyxj4csxT2HS4Hth5v9ztBbwPH9RPELDP4XZANY3krtdjuTTdRYtvz77qZzj8gTz8RvnfymNdqucI04PvLc34XiYusIJvPlXAs0thUbXJjTK5LTBwOoPP78gQK02SnzvglxwATZ2qey_ATgBAGIBavmk-FQkgUECAQYAZIFBAgFGASgBi6AB7i1uBaoB9XJG6gHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcFEMnM9wPSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOljuip_7hfKIA5oJqgFodHRwczovL3d3dy5zcGdsb2JhbC5jb20vbWFya2V0aW50ZWxsaWdlbmNlL2VuL2NhbXBhaWducy9lbnRlcnByaXNlLXNvbHV0aW9ucy1wcm9ibGVtcy1zb2x2ZWQ_Y3FfY21wPTIxNjc4NTg0NjE5JmNxX3BsYWM9aW5mby5yb3NlY3Jvc3NpbmZvLmNvbSZjcV9uZXQ9ZCZjcV9wb3M9JmNxX3BsdD1ncIAKA8gLAdoMEQoLEICciO7-zZ3dpQESAgED4g0TCMfAn_uF8ogDFcgJigMdIlINEOoNEwjtgKD7hfKIAxXICYoDHSJSDRC4E-QD2BMO0BUBgBcBshcgChwIABIUcHViLTM4NjQyMzkyMDE1MzgyNzcY9KB7GAGyGAkSArFfGC4iAQDoGAE&sigh=qiiNuJnzr6w&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDpaXnfqQOkLduzZnKRaDnLtQCgh4ihFzTU1EldxVjZWpMiGI64GYGK6lQ5HAoZ5mScsr7aVtYxfuuNypc1MY6iqWXnPA18eigbv0ym0zUYAQ&template_id=484 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448bdd04c95e52530000000000000000%22,%222%22:%220xeef121fd9737e6d20000000000000000%22,%223%22:%220xee0be912ae91ccbc0000000000000000%22,%224%22:%220x5992b851d3a632c80000000000000000%22,%225%22:%220x5ae4a6714b9db3b60000000000000000%22},%22debug_key%22:%221847477436592289467%22,%22debug_reporting%22:true,%22destination%22:%22https://spglobal.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221026680112%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214119726908532611777%22}&andc=true

Request Chain 76

https://securepubads.g.doubleclick.net/pagead/adview?ai=CCkk7y3f-ZsCzL8iTqMwPoqS1gAGLiei7etCxquSxENSO4JekLRABIJ-tzIQBYP2AgIDoA6AB7OWOzALIAQngAgCoAwHIAwqqBLUCT9BSP3Zyg4KpVYAZR1WP36IoeZnVP5C7hK8PelpHlMrvNlwbx0ArxhCrNO_2yxBl3wACufefYafBU-4DenpDswekpUA5jr3n35N8e3symxX_L_3uAaEqTxwmeWj82sU-RVCfUqRveidJkDrHFgX04epZIhPL7aeg5n_fZe4YHnQGVyaSWKUyTUgiW8ZhOFRMC8nLelYaXvV31UMeioWn3cwxF7WCociSkzwVjMYThVodI8YzgHB13BjVQqxAKoFq0wT_SZR79iSKGc5O6TeoPxWub8mUHEFdgEflwKcFJPjf1Q93C7bRQfFdjc_7jorB450iKjwBBFtGcwX3-excYoDBtMP7c1dZQwBrff8RVqrtGQHX-F1fwdNzY1_tEmyNN2ie2uDLtfOf3-eytHOa72XcZ-yjwASDvc3ilgTgBAGIBa_m2aRGkgUECAQYAZIFBAgFGASgBi6AB_yZ8bMBqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBRCXkvIB0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpY7oqf-4XyiAOaCdUBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_aHNwYXJ0PXlhaG9vJmhzaW1wPXlocy1tbjIzJnA9Y2xpZW50K2RhdGErbWFuYWdlbWVudCtzb2Z0d2FyZSZ0eXBlPTZOSVIxVzQmcGFyYW0xPXtnY2xpZH0mcGFyYW0yPWJjZF8xODg2NzQ1MDY3MV8xNDM1NTEzMjM3NzlfZCZwYXJhbTM9YmNkX0tzUGR3STVtWjJ3UU9nPT0mZ19hcD1nZ3QmZ2FkX3NvdXJjZT01gAoDyAsB2gwQCgoQ4Nzx1e6vh_ZmEgIBA-INEwjIwJ_7hfKIAxXICYoDHSJSDRDqDRMI7oCg-4XyiAMVyAmKAx0iUg0QuBPkA9gTDIgUAtAVAYAXAbIXIAocCAASFHB1Yi0zODY0MjM5MjAxNTM4Mjc3GPSgexgBuhcCOAGyGAkSArhQGC4iAQDQGAHoGAE&sigh=JpAkhk-Cjj8&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDpaXnfqQOkLduzZnKRaDnLtQCgh4ihFzTU1EldxVjZWpMiGI64GYGK6lQ5HAoZ5mScsr7aVtYxfuuNypc1MY6iqWXnPA18eigbv0ym0zUYAQ&template_id=484 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae3ff56b54cd8f980000000000000000%22,%222%22:%220x2c0cb98df78679100000000000000000%22,%223%22:%220xb9328d229c334c980000000000000000%22,%224%22:%220x9e77eceda4d192ed0000000000000000%22,%225%22:%220x74cb031497f684a80000000000000000%22},%22debug_key%22:%2213132058292421682822%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22696496876%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226386270326499655441%22}&andc=true

83 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
info.rosecrossinfo.com/ 19 KB
7 KB 361ms
123ms Document
text/html 3.231.241.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.241.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-241-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2fea20fe6f36534bbbc272cd8016487f4369125a954facee861448d1166dae51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 03 Oct 2024 10:54:01 GMT
etag: W/"108015d6b507a96299cdb802c0340f7c"
last-modified: Sun, 29 Sep 2024 03:30:49 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 b051e9c33308597b659c33b8999b521c.cloudfront.net (CloudFront)
x-amz-cf-id: O_3qoVbhbzcoMzu-DL0hGPjA-7hnYJ-OgpUOLs0-Y3Mx7KCuH5pOkQ==
x-amz-cf-pop: IAD89-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: ucwDgCXaKZOJlseMdWuW9g2FbVHGPMJO
x-cache: Miss from cloudfront

GET
H2 200 1727573202366533.png
files.dreame.com/wehear/ 3 KB
3 KB 476ms
128ms Image
image/png 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727573202366533.png
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 512525444c8d60bb6b5e93a03bf88d5b48bd25bc576095c271ab1e9f605cfc71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: 6B.M6A_K4_orsfvgAkd1AQRGMeycvfyS
etag: "675d2a9fde7eb3bcf7786ea3d8e70b05"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 3044
x-amz-cf-id: 9aU08FpnEjp8AzlWB6BXVvY9vfXeigAyOQ6MeQObO1xawBaLkwpdbA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 01:26:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 136b92581960d450a0b1329af8480455.png
files.dreame.com/S/image/ 368 B
791 B 474ms
127ms Image
image/png 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/S/image/136b92581960d450a0b1329af8480455.png
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 554b4ae973cd487bdb7f42d4acea9658e89e43dc2323840ebf9aedfa1c3f3129

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
cache-control: max-age=15552000
x-amz-version-id: aRMoACYlF5D.kuFx04XYI_pZkBdSWx_p
etag: "233dd971ee20ee1c15843da28189832d"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 368
x-amz-cf-id: _LEsrHGJqGtOzXjbHyQ2BhfH6l631BIO_rYjmrNX7Qh9CL4xMd84ig==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/png
last-modified: Thu, 01 Aug 2024 11:58:09 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 53d9866db2d5aa32ce52d202190436ca.js Show response
files.dreame.com/S/file/ 5 KB
2 KB 414ms
67ms Script
text/javascript 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dreame.com/S/file/53d9866db2d5aa32ce52d202190436ca.js
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d52dd7c0e687b77ba3901803ccdfca345b1bf1b2fd0e6f0c69a5373edf2531d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: 65AQ2P6iyWK.jPB5SSiEH9F7Ui_Qfu60
etag: W/"8afd031cc211575e8bb8e2912345be6d"
age: 549056
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 7x-onpimTj8trlnhrSmu7Z02f0C-ngTkQSlmsC84k2tB6ouU1p0pAQ==
date: Fri, 27 Sep 2024 02:23:06 GMT
content-type: text/javascript
last-modified: Thu, 26 Sep 2024 06:14:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 723f35919db7aa57403e0507b1de5df3.js Show response
files.dreame.com/S/wehear/static/ 2 KB
1 KB 430ms
83ms Script
application/javascript 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dreame.com/S/wehear/static/723f35919db7aa57403e0507b1de5df3.js
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd1c9b507bb625a6867eed0c261a7663bb95f52a01c0c93be97365f800b85f3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: Q9mOvMxmUyXgx7nIndFuYksz957lm4Xl
etag: W/"723f35919db7aa57403e0507b1de5df3"
age: 1574882
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: dMRs76l241ONCC99Gj1vlUvBWf_KYZgFpS8Ytf4vOscysXiri9oy1A==
date: Sun, 15 Sep 2024 05:26:00 GMT
content-type: application/javascript
last-modified: Sat, 14 Sep 2024 19:17:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 fc64beab6b110af7a0809977a68c5494.js Show response
files.dreame.com/S/wehear/static/ 18 KB
5 KB 386ms
68ms Script
application/javascript 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dreame.com/S/wehear/static/fc64beab6b110af7a0809977a68c5494.js
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc41558a01362a07b2546e355795c2bcfab3cb8d7dd396444cef874e49433b3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: i1VEnCBMBzNhcqbymhmdQyxuo5joc2uI
etag: W/"05bbd5c07c4a052567cd50184f7b0682"
age: 549056
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GXzI4yRJysfF8QeLSjj6p6kxcVjpRbaotb6xTUCpeYIEz4IbgHBMTA==
date: Fri, 27 Sep 2024 02:23:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 22:31:09 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727148304804713..jpeg
files.dreame.com/wehear/ 106 KB
106 KB 211ms
206ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727148304804713..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cd1edc73fc9576a547cbeb6ae0bcf333b943637adb760a9ee4303c8a99542c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: QHmK4SXCoOI23Ry4NhaFNQcBCZ6Rux10
etag: "fbdfdd754e31956bc0ac824536b9d66f"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 108432
x-amz-cf-id: cy9zy8X6ES_Zs8Nt0stK9BaRQItL8nlOyH4fDdWhN1dTbGHvqmGaag==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: binary/octet-stream
last-modified: Tue, 24 Sep 2024 03:25:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727148896139355.jpg
files.dreame.com/wehear/ 55 KB
56 KB 178ms
173ms Image
image/jpeg 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727148896139355.jpg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec7f525efa063f097bbec34f5fea62baf4c7038f4064cc167fc526b7b282b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: GlxQP8NJ4cS8aaCuGGFMNQLI2ShoJy4B
etag: "2f6fda707a472865605403fa62a02566"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 56778
x-amz-cf-id: ClHp1-Z96RREUlU0hJcth6EC_JDa4MozawJVdNLQqmb9I_qOA7zDzA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/jpeg
last-modified: Tue, 24 Sep 2024 03:34:58 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727149256755034..jpeg
files.dreame.com/wehear/ 136 KB
137 KB 259ms
255ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727149256755034..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7c5d5813fdb48fd8f442074b92fc19fdcc7f9285b1d10f99af0b50c67bdff13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: E_5RqH7E9tTNUeKLMbagzV35jwYRkmna
etag: "6d900e2c8ed84880eb4b5b6d075060ce"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 139719
x-amz-cf-id: 29gxP0Beu-W6ZPvmar_NRLsIG5cFHwziO-T8NTaqufHW4ljuJ4AFfA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: binary/octet-stream
last-modified: Tue, 24 Sep 2024 03:40:59 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727149718668469..jpeg
files.dreame.com/wehear/ 101 KB
102 KB 254ms
250ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727149718668469..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58cf0662f6f7ded266580afe51a1fe9228363a48c06e5a73d9f5e2555a0c55a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: SZp4z_oGlw5kWZsri.przq8UiV0ti0v2
etag: "66e7b0f2ff9831a691cb13c891889a24"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 103488
x-amz-cf-id: JknSi1RzVCncnOLPwakDmF82wj8feRbyM-C5DgBTQoLSpbQsZ07rrQ==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: binary/octet-stream
last-modified: Tue, 24 Sep 2024 03:48:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727150120825998..jpeg
files.dreame.com/wehear/ 162 KB
162 KB 234ms
230ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727150120825998..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4027e0d9305b6e43c82b454505269a38a220c57eea70f80d368fe22f766b58fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: 4rGz3H7EjW7uU9yVf.aOHFuB1IwXxdsY
etag: "c3fd4ff5d79a3f9826c0e4d7aa71cc9e"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 165793
x-amz-cf-id: uwpibfuGRAsxgxmv2Oee8I1SZN86wmdLuQz6kTKEMJvQt9fmn7uyLg==
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: binary/octet-stream
last-modified: Tue, 24 Sep 2024 03:55:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727150597615113..jpeg
files.dreame.com/wehear/ 137 KB
137 KB 247ms
243ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727150597615113..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbdf422b9b6701c7befada147f8cd0c2f8ec0af87f7ddd4883d078ce617421ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: eqPBgu2Za1lO5LOFPY045eRFLnC0L9HL
etag: "7bbaa0b81737dd84bd7b521339cbd315"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 140024
x-amz-cf-id: NjtUsrvYZ-DET9cjU86dqt5ndG9O6y1n8roMniv1YmglessXmZub4w==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: binary/octet-stream
last-modified: Tue, 24 Sep 2024 04:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727152213680502.jpg
files.dreame.com/wehear/ 70 KB
71 KB 228ms
224ms Image
image/jpeg 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727152213680502.jpg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77771728a00a2d8a0a64933a4ae7d54c050354bbff95ae0f8ac06047968c8145

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: zQazOMLrjMBidrClE7XvphD7kSKnBU7P
etag: "b2e9873516318804704e1b7e0f0702f0"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 72093
x-amz-cf-id: BJ-7PLmaaNgqJBqJguH6bF_c_m6bB-YHmW6nnKpfO4fj_UivqaKkVA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/jpeg
last-modified: Tue, 24 Sep 2024 04:30:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727239023946972.jpg
files.dreame.com/wehear/ 139 KB
140 KB 252ms
248ms Image
image/jpeg 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727239023946972.jpg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a145e2c928aad2a389b341a06ac46a783f324d523529fc9c6a74d68557fba4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: xCeHZsqwoYyfghzbPnsumrI3MtCPDMH4
etag: "f0590cab87fb3225ae271dd7c8c0684c"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 142596
x-amz-cf-id: imjGWDVpeVm5VHaPFN9JLl0B2QPB-iel_wQy0vs60NsF33F8tKlbWA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 04:37:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727240941708751..jpeg
files.dreame.com/wehear/ 96 KB
96 KB 306ms
303ms Image
binary/octet-stream 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727240941708751..jpeg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9849b6e957d5a4a4e023aa9c4b107ba712e0fdf5a0ee8698b7e0eedf5e645717

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

x-amz-version-id: 1TMEiLF_skQIvbxWYVVPotO_IXZEZfiw
etag: "5c5e6bb2dcbad79590fbc7b18f6493c3"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 97877
x-amz-cf-id: XgFaYA1UzB_B0BRoRI2J6YMlUSKR9SY6y3Jy2gttqw3tfkVxKZsHBw==
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: binary/octet-stream
last-modified: Wed, 25 Sep 2024 05:09:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 1727241342167963.jpg
files.dreame.com/wehear/ 40 KB
41 KB 180ms
178ms Image
image/jpeg 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.dreame.com/wehear/1727241342167963.jpg
Requested by: Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92eea4056c81d0194679f95d9c0af27a00aa4c2d0d731ecdc404d361c3107112

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: cgOeCK9NGs2cVftiU.p3fIWJF.hqTphD
etag: "88d2a715ca68ef6df7218db6e26a0e9d"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 41102
x-amz-cf-id: UQiunHO6HrXYfODKSbqZz0eG5NhSsYZu9zlKqejvjbroxM0Un9CmVw==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 05:15:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 233ms
70ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: files.dreame.com
URL: https://files.dreame.com/S/wehear/static/fc64beab6b110af7a0809977a68c5494.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8fbcb76b6b03aa004d87312afc11d45d9d2267d2c8a09afc3c29b4fc9b62ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: 18 / 19999 / m202409260101 / config-hash: 985063253086454253
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32686
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 275ms
113ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQSHHWCSFP

Requested by

Host: files.dreame.com
URL: https://files.dreame.com/S/wehear/static/fc64beab6b110af7a0809977a68c5494.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83e9b4120b526b002b0cd95b1b0a5a7273378ee946925ca6371e202a71ce534b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 03 Oct 2024 10:54:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105979
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 1727573202366533.png
files.dreame.com/wehear/ 3 KB
0 0ms
0ms Other
image/png 2600:9000:2510:8000:4:cb6e:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dreame.com/wehear/1727573202366533.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8000:4:cb6e:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 512525444c8d60bb6b5e93a03bf88d5b48bd25bc576095c271ab1e9f605cfc71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

vary: Origin
x-amz-version-id: 6B.M6A_K4_orsfvgAkd1AQRGMeycvfyS
etag: "675d2a9fde7eb3bcf7786ea3d8e70b05"
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 3044
x-amz-cf-id: 9aU08FpnEjp8AzlWB6BXVvY9vfXeigAyOQ6MeQObO1xawBaLkwpdbA==
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 01:26:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/ 478 KB
148 KB 50ms
50ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a373ae6214168509dc4fe047f320b9d27bd87ed907d66806ce9b865ca55042a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: 13004938057169377323
age: 80250
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 12:36:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 02 Oct 2024 12:36:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 151619
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 319ms
140ms Fetch
text/plain 2607:f8b0:4004:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VQSHHWCSFP&gtm=45je4a10v9196316047za200&_p=1727952841900&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1191321257.1727952842&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727952842&sct=1&seg=0&dl=https%3A%2F%2Finfo.rosecrossinfo.com%2F&dt=INFORMATION-LIST&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQSHHWCSFP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://info.rosecrossinfo.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 22386372773 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 575ms
106ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22386372773?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ceabdc803505699d0269423f8217a67265b5202267506788de4001b01c316284

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qExs9MKHOuj1tBrs0T6s7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwLx0vuXWdcCcZHEFdYGIL7ddIX1MRAL8XCcev9zO5vAiaYVJ5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDAz1DEziCwwAPj1Kiw"
content-security-policy: script-src 'report-sample' 'nonce-qExs9MKHOuj1tBrs0T6s7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxU7Bv_FLTf0fxWRbcF1vZBaf6ikW9dW_ph7r_3w9S3nZN7o6NaMz8en-gVPN8aX4mxKgUyFqfyYgS7qqnBEOF_U53e-W78hWQR4MgQVQoY49vSq18-KHI3FGGAzV20pfn1QvbMvxQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 79ms
77ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU7Bv_FLTf0fxWRbcF1vZBaf6ikW9dW_ph7r_3w9S3nZN7o6NaMz8en-gVPN8aX4mxKgUyFqfyYgS7qqnBEOF_U53e-W78hWQR4MgQVQoY49vSq18-KHI3FGGAzV20pfn1QvbMvxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3OTUyODQzLDgwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2luZm8ucm9zZWNyb3NzaW5mby5jb20vIixudWxsLFtbOCwibzFQYVFncW1KN0EiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSxudWxsLDRdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.o1PaQgqmJ7A.es5.O/am=YDA/d=1/rs=AJlcJMxuzfQm058eSx1D23Be9Ev4e9tjQA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33b16c5577bb926eab5136e205b76a073a0b81a678bded2bc9ecfd3316108ff6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KZi67VGSXPmD3YfS7b9tBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mDU4pJicNSQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8bc9l1j_AfHej5dYjwLx0vuXWdcCcZHEFdYGIL7ddIX1MRALcXOcfv9zO5vAjBtz7ZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MDPUMTOILDACBPVQ9"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KZi67VGSXPmD3YfS7b9tBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame CA6E 0
0 213ms
51ms Document
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.rosecrossinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29417
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 10:36:55 GMT
expires: Thu, 03 Oct 2024 11:26:55 GMT
last-modified: Mon, 30 Sep 2024 19:42:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 243ms
70ms XHR
application/json 2607:f8b0:400d:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409260101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6ee11cce11a9d8b219571f0432c7a62f84d001c14dd8e251edf9fa87c7fbc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12886
date: Thu, 03 Oct 2024 10:54:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
19 KB 1868ms
1867ms Fetch
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1237536242638097&correlator=3060147069993658&eid=31087357%2C31087549%2C31084130%2C31084270%2C31086809&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&iu_parts=22386372773%2Crosecrossinfo.com%2Crosecrossinfo.com-300x250-092501%2Crosecrossinfo.com-300x250-092502&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1727952843102&lmt=1727580649&adxs=585%2C585&adys=102%2C772&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Finfo.rosecrossinfo.com%2F&vis=1&psz=430x283%7C430x283&msz=430x250%7C430x250&fws=0%2C0&ohw=0%2C0&td=1&egid=33736&tan=9cbf724a-0104-4aa7-8dc3-4f930ede9a76%2C9cbf724a-0104-4aa7-8dc3-4f930ede9a77&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727952841412&idt=952&prev_scp=ad_label%3Dnative%26ad_index%3D0%7Cad_label%3Dnative%26ad_index%3D1&adks=4277763050%2C3673886261&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c42aafe3e5e127411c360e2ffad56bb65a7f9447cad0f7548b282cd0894e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1,-1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 19581
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
15 KB 715ms
714ms Fetch
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1237536242638097&correlator=3060147069993658&eid=31087357%2C31087549%2C31084130%2C31084270%2C31086809&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&iu_parts=22386372773%2Crosecrossinfo.com%2Crosecrossinfo.com-anchor-092501&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1727952843115&lmt=1727580649&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Finfo.rosecrossinfo.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=33736&tan=9cbf724a-0104-4aa7-8dc3-4f930ede9a78&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727952841412&idt=952&prev_scp=ad_label%3Dbottom&adks=760974703&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d023bff04a44e179ea85f931e80e959b5dabf927a295f7f0725c4cb38a8e68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 15082
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89AC 0
0 345ms
84ms Document
text/html 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.rosecrossinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 10:54:03 GMT
expires: Thu, 03 Oct 2024 10:54:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/ 49 KB
15 KB 49ms
48ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67c2983ce9f0d72efa2023c2d0e5c15de736310798d5f57cd4414edfbcc5e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: 15111768174442336325
age: 79323
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 12:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 02 Oct 2024 12:52:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15642
x-xss-protection: 0
server: cafe

GET
H2 200 AGSKWxWxJ8b-BT1CxB_fqWDrJ21NyUcTbYo4SSvfrVGwYzgJ2N59gQL5u8gUixSWt-wLtZRlMAxAvHf-tyo92gg4wc-pxCcxun1PD2yoVX3qf6K3m59RYzA-d-SEHvNQQ_-a45xBBXxKkw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 102ms
102ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxJ8b-BT1CxB_fqWDrJ21NyUcTbYo4SSvfrVGwYzgJ2N59gQL5u8gUixSWt-wLtZRlMAxAvHf-tyo92gg4wc-pxCcxun1PD2yoVX3qf6K3m59RYzA-d-SEHvNQQ_-a45xBBXxKkw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3OTUyODQzLDE3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaW5mby5yb3NlY3Jvc3NpbmZvLmNvbS8iLG51bGwsW1s4LCJvMVBhUWdxbUo3QSJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjhdLG51bGwsNF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6a29a687f75e3396d1eb74f1aad749e32c2bd1b7902bdcdae1e6be5ea72a759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4hMwwZy0Mjfgw18hRoGhsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwLx0vuXWdcCcZHEFdYGIL7ddIX1MRALcXOcfv9zO5vAhZbHlUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGhnoGJvEFBgD8wEp5"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4hMwwZy0Mjfgw18hRoGhsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 477ms
83ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 9C02 0
0 446ms
54ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.rosecrossinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 116100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 02:39:04 GMT
expires: Thu, 02 Oct 2025 02:39:04 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AC21 0
0 491ms
69ms Document
text/html 2607:f8b0:400d:c0f::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::6a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XzMziU6eZRXdU-FXIYpq9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.rosecrossinfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XzMziU6eZRXdU-FXIYpq9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 10:54:04 GMT
expires: Thu, 03 Oct 2024 10:54:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406241625000/ Frame B6D0 196 KB
55 KB 517ms
111ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "cc18f0752fb26ed7"
age: 537170
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56144
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame B6D0 15 KB
5 KB 551ms
145ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "a54ee7ef81300879"
age: 249973
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 13:27:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 13:27:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5218
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame B6D0 95 KB
29 KB 485ms
79ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "ed67e306da4f50af"
age: 282979
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 04:17:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 04:17:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29004
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame B6D0 5 KB
2 KB 551ms
146ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "318c9ffc754fdb7f"
age: 520429
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 10:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 10:20:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1913
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame B6D0 40 KB
13 KB 553ms
148ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "6b189ee8e91db6e8"
age: 537168
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12940
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame B6D0 18 KB
2 KB 486ms
83ms Stylesheet
text/css 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 03 Oct 2024 09:35:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6D0 2 KB
3 KB 58ms
57ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 14819457070020093239
age: 71412
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:03:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2502
x-xss-protection: 0
date: Wed, 02 Oct 2024 15:03:51 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6D0 295 B
399 B 58ms
56ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 426692510519060060
age: 23454
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 04:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 295
x-xss-protection: 0
date: Thu, 03 Oct 2024 04:23:09 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B6D0
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CmT-0y3f-ZpGAC_eRqMwPq_L0wAL8oMyqeobB94ubE9-864-UDhABIJ-tzIQBYP2AgIDoA6AB6f31zwPIAQngAgCoAwHIAwqqBK8CT9Dxe5Bklb9844bRg_Z6r9iVuq2NGho_y8STU5C-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1414905ced33556c0000000000000000%22,%222%22:%220xf7dae97d3e372f6f0000000000000000%22,%223%22:%220x385165...

0
20 B

372ms
130ms

Image
text/css

173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1414905ced33556c0000000000000000%22,%222%22:%220xf7dae97d3e372f6f0000000000000000%22,%223%22:%220x38516506a6795e330000000000000000%22,%224%22:%220xdc7673d35aa9ee760000000000000000%22,%225%22:%220xef09308fe4a744570000000000000000%22},%22debug_key%22:%227403839426886734644%22,%22debug_reporting%22:true,%22destination%22:%22https://favoritesearches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217980780860841896465%22}&andc=true

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 10:54:04 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1414905ced33556c0000000000000000","2":"0xf7dae97d3e372f6f0000000000000000","3":"0x38516506a6795e330000000000000000","4":"0xdc7673d35aa9ee760000000000000000","5":"0xef09308fe4a744570000000000000000"},"debug_key":"7403839426886734644","debug_reporting":true,"destination":"https://favoritesearches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17980780860841896465"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1414905ced33556c0000000000000000","2":"0xf7dae97d3e372f6f0000000000000000","3":"0x38516506a6795e330000000000000000","4":"0xdc7673d35aa9ee760000000000000000","5":"0xef09308fe4a744570000000000000000"},"debug_key":"7403839426886734644","debug_reporting":true,"destination":"https://favoritesearches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17980780860841896465"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 10:54:03 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/111253572280852924/ Frame B6D0 21 KB
21 KB 90ms
90ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/111253572280852924/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5eeb8201250270725d412297d7740313bc04c45ad44e9aaafa1763eeca43cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 10:54:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 17:27:40 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 21423
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame B6D0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85e61f358c5ca52d25eb8d57f68df275f66fb1e07a5fba998369a34a62b9b02b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ads160x600-_Mobile_Ad_ Show response
fundingchoicesmessages.google.com/f/AGSKWxW28Mryr8s1VrTrs3FdRgE8M9JTIOYH6z4WCGV7q4lnvjoKj5yqeYhfGmuAkvcd9DtNFhtnjk9qMg2XCebwMgt8VM6gPF-l0mDHDlLvE8ph-gYp6q_80DFIikMfkyDOwiY6uj9u0aiBSufLljvwldJyPJl-Y... 54 B
109 B 71ms
70ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW28Mryr8s1VrTrs3FdRgE8M9JTIOYH6z4WCGV7q4lnvjoKj5yqeYhfGmuAkvcd9DtNFhtnjk9qMg2XCebwMgt8VM6gPF-l0mDHDlLvE8ph-gYp6q_80DFIikMfkyDOwiY6uj9u0aiBSufLljvwldJyPJl-YftJ1wOyGNvpyxvHC-8T5XLwd80-wbCK/_/ad/bbl-/ads5._ad2./ads160x600-_Mobile_Ad_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.o1PaQgqmJ7A.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz_mMnbOo11IvgMEdjbRw-tJjHlCQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f305efe3b55d6079f782babd9d20b63829cd8e6eada6b8600253dfc38a5463a5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1W53t2jlDhjLwB_RvfBSEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwLx0vuXWdcCcZHEFdYGIL7ddIX1MRAL8XCcfv9zO5vAjItLDzEraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGBjqGZjEFxgAADrhSpc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1W53t2jlDhjLwB_RvfBSEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 244ms
60ms Script
text/javascript 2607:f8b0:400d:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: 16023549773543154165
age: 3587
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 09:54:17 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 51
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 280ms
101ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BbTVKHJaO6rfRVpEc4DXjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gXjvx0usR4F46f3LrGuBWIib48z7n9vZBE4cu-yp5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwM9QzM4wsMAMeRL3c"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BbTVKHJaO6rfRVpEc4DXjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 206ms
99ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tq_xC-9o3Rk-3RMm787ksQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoCxO5aF1n9gXjvx0usR4F46f3LrGuBWIib48z7n9vZBF7cuemh5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwM9QzM4wsMANeSL7A"
content-security-policy: script-src 'report-sample' 'nonce-Tq_xC-9o3Rk-3RMm787ksQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
72ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vaBLhLoYmIZB-DnyWBq_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsIUDsrnWR1R-I9368xHoUiJfev8y6FoiFuDnOvP-5nU1gwfyXUUouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDAwFDPwDy-wAAAuXYvSg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vaBLhLoYmIZB-DnyWBq_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 100ms
99ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWg9HlpU9VZVWk4QyV5o7QPLWs0LgDPBGRELScSlvN7--ABIX-njlvcHrs7DO9OQHSP6XDUTUje1_lO1d9HRTufa97xd5O2zTfWvFm55dMUldx8q2AYKrkreheESmCUzYde4BZsgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LK9qy588PSFvoAM1gOaUiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gXjvx0usR4F46f3LrGuBWIib48z7n9vZBH5Mvpqh5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwM9QzM4wsMAND9L5c"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LK9qy588PSFvoAM1gOaUiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXNyHFGJ0TOAARr_FxV5M2kOF2C2KW69LoUR74nmqJwB0ey0nZCkSfjN8SsAPH-L_XxQ7aKPR72YA48lUNwVHfE3yfX_JqB-KAVDq9YRiwjyDWvIPV6VDjLd0dVp7WOepoyj-6yjQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
77ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXNyHFGJ0TOAARr_FxV5M2kOF2C2KW69LoUR74nmqJwB0ey0nZCkSfjN8SsAPH-L_XxQ7aKPR72YA48lUNwVHfE3yfX_JqB-KAVDq9YRiwjyDWvIPV6VDjLd0dVp7WOepoyj-6yjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3OTUyODQ0LDE1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pbmZvLnJvc2Vjcm9zc2luZm8uY29tLyIsbnVsbCxbWzgsIm8xUGFRZ3FtSjdBIl0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sbnVsbCw0XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ee483581f82289db384c23d677e5d6814501ab15c431695dd31a064229e3628

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EfsH0abi2iJsXM0_-7xaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwLx0vuXWdcCcZHEFdYGIL7ddIX1MRALcXOcef9zO5vAhzOX45Q0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MDPUMTOILDAAJeEq5"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EfsH0abi2iJsXM0_-7xaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWsQcFbeLTLRED-mufnLgzMEbaqF7OEWWUMoCIOgr6rqN0oeNyMsh1sbXj5PWKgGWfE5DuiV-qz5EjVlPFql_S6WlzHK4E9oemUFdwSANWl1TfwykLGqrx_LrmapjnRY3oHlbTEbA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 77ms
71ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWsQcFbeLTLRED-mufnLgzMEbaqF7OEWWUMoCIOgr6rqN0oeNyMsh1sbXj5PWKgGWfE5DuiV-qz5EjVlPFql_S6WlzHK4E9oemUFdwSANWl1TfwykLGqrx_LrmapjnRY3oHlbTEbA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R033r-HIoRFGhxIb6yZJAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://info.rosecrossinfo.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gXjvx0usR4F46f3LrGuBWIiH48z7n9vZBC68ejuFUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYGOoZmMcXGAAADIwwFA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R033r-HIoRFGhxIb6yZJAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://info.rosecrossinfo.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ Frame B6D0 33 KB
33 KB 184ms
55ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://info.rosecrossinfo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 522734
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 09:41:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 09:41:50 GMT
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34184
x-xss-protection: 0
server: sffe

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6D0 2 KB
0 0ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 14819457070020093239
age: 71412
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:03:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2502
x-xss-protection: 0
date: Wed, 02 Oct 2024 15:03:51 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6D0 295 B
0 1ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 426692510519060060
age: 23454
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 04:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 295
x-xss-protection: 0
date: Thu, 03 Oct 2024 04:23:09 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406241625000/ Frame C614 196 KB
0 1ms
1ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "cc18f0752fb26ed7"
age: 537170
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56144
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame C614 15 KB
0 3ms
3ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "a54ee7ef81300879"
age: 249973
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 13:27:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 13:27:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5218
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame C614 95 KB
0 3ms
3ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "ed67e306da4f50af"
age: 282979
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 04:17:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 04:17:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29004
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame C614 5 KB
0 5ms
5ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "318c9ffc754fdb7f"
age: 520429
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 10:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 10:20:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1913
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame C614 40 KB
0 5ms
5ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "6b189ee8e91db6e8"
age: 537168
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12940
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame C614 6 KB
825 B 69ms
63ms Stylesheet
text/css 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f8539022b5a1a5ba0c8205d9841b8f029802a8a2fe7f87714dc864946f32f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:05 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 03 Oct 2024 09:42:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C614 2 KB
0 0ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 14819457070020093239
age: 71412
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:03:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2502
x-xss-protection: 0
date: Wed, 02 Oct 2024 15:03:51 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C614 295 B
0 1ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 426692510519060060
age: 23454
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 04:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 295
x-xss-protection: 0
date: Thu, 03 Oct 2024 04:23:09 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3898301875809742987/ Frame C614 12 KB
12 KB 59ms
56ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3898301875809742987/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a18ef6517fd7efd0bc75507eaac5073b5f3ec286a9bf3b7849b93c12ff93f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

age: 596817
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 13:07:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 26 Sep 2024 13:07:08 GMT
last-modified: Mon, 09 Sep 2024 18:54:18 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 12283
x-xss-protection: 0
server: sffe

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14809426049423329354/ Frame C614 3 KB
3 KB 59ms
57ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14809426049423329354/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e03897fa2f8a10cd12d35f6ae49b7d42791b14f8f90bd73fe79b1bde69b6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

age: 505173
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 14:34:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 27 Sep 2024 14:34:32 GMT
last-modified: Sat, 25 Jun 2022 17:05:59 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 2781
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame C614 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fae0a13b93f36731d7d7febe1d15659bf68cbebb7948c95c62afefe762eccdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C614
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrfwJy3f-Zr-zL8iTqMwPoqS1gAH_ieGMeq-LidaYE2QQASCfrcyEAWD9gICA6AOgAbDKx-kDyAEJ4AIAqAMByAMKqgSxAk_Q83G_2-qeflfEz007BiqBV7dufmzakYLhkJzdZYq7CqSO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448bdd04c95e52530000000000000000%22,%222%22:%220xeef121fd9737e6d20000000000000000%22,%223%22:%220xee0be9...

0
20 B

130ms
130ms

Image
text/css

173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448bdd04c95e52530000000000000000%22,%222%22:%220xeef121fd9737e6d20000000000000000%22,%223%22:%220xee0be912ae91ccbc0000000000000000%22,%224%22:%220x5992b851d3a632c80000000000000000%22,%225%22:%220x5ae4a6714b9db3b60000000000000000%22},%22debug_key%22:%221847477436592289467%22,%22debug_reporting%22:true,%22destination%22:%22https://spglobal.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221026680112%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214119726908532611777%22}&andc=true

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 10:54:05 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x448bdd04c95e52530000000000000000","2":"0xeef121fd9737e6d20000000000000000","3":"0xee0be912ae91ccbc0000000000000000","4":"0x5992b851d3a632c80000000000000000","5":"0x5ae4a6714b9db3b60000000000000000"},"debug_key":"1847477436592289467","debug_reporting":true,"destination":"https://spglobal.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1026680112"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"14119726908532611777"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x448bdd04c95e52530000000000000000","2":"0xeef121fd9737e6d20000000000000000","3":"0xee0be912ae91ccbc0000000000000000","4":"0x5992b851d3a632c80000000000000000","5":"0x5ae4a6714b9db3b60000000000000000"},"debug_key":"1847477436592289467","debug_reporting":true,"destination":"https://spglobal.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1026680112"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"14119726908532611777"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 10:54:05 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406241625000/ Frame E460 196 KB
0 1ms
1ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "cc18f0752fb26ed7"
age: 537170
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56144
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame E460 15 KB
0 2ms
2ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "a54ee7ef81300879"
age: 249973
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 13:27:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 13:27:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5218
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame E460 95 KB
0 2ms
2ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "ed67e306da4f50af"
age: 282979
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 04:17:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 04:17:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29004
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame E460 5 KB
0 4ms
4ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "318c9ffc754fdb7f"
age: 520429
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 10:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 10:20:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1913
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame E460 40 KB
0 4ms
4ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: br
etag: "6b189ee8e91db6e8"
age: 537168
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:41:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:41:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12940
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame E460 6 KB
0 49ms
49ms Stylesheet
text/css 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f8539022b5a1a5ba0c8205d9841b8f029802a8a2fe7f87714dc864946f32f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 10:54:05 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 03 Oct 2024 09:42:35 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E460 2 KB
0 0ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 14819457070020093239
age: 71412
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:03:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2502
x-xss-protection: 0
date: Wed, 02 Oct 2024 15:03:51 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E460 295 B
0 1ms
0ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 426692510519060060
age: 23454
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 04:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 295
x-xss-protection: 0
date: Thu, 03 Oct 2024 04:23:09 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3273895292928726403/ Frame E460 16 KB
16 KB 83ms
81ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3273895292928726403/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1893ca5f1df1b69f5175acec22540d935cae737f11e1fe8f98056c9d4b4e2f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 10:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 03 Oct 2024 10:54:05 GMT
content-type: image/jpeg
last-modified: Tue, 28 Jun 2022 06:27:44 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 16122
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame E460 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14407ce5984162c099b1a2a24d5af626b3e991e9c919c9be05c38126fd8732a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E460
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CCkk7y3f-ZsCzL8iTqMwPoqS1gAGLiei7etCxquSxENSO4JekLRABIJ-tzIQBYP2AgIDoA6AB7OWOzALIAQngAgCoAwHIAwqqBLUCT9BSP3Zyg4KpVYAZR1WP36IoeZnVP5C7hK8PelpH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae3ff56b54cd8f980000000000000000%22,%222%22:%220x2c0cb98df78679100000000000000000%22,%223%22:%220xb9328d...

0
20 B

427ms
426ms

Image
text/css

173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xae3ff56b54cd8f980000000000000000%22,%222%22:%220x2c0cb98df78679100000000000000000%22,%223%22:%220xb9328d229c334c980000000000000000%22,%224%22:%220x9e77eceda4d192ed0000000000000000%22,%225%22:%220x74cb031497f684a80000000000000000%22},%22debug_key%22:%2213132058292421682822%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22696496876%22],%2222%22:[%22true%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226386270326499655441%22}&andc=true

Requested by

Host: info.rosecrossinfo.com
URL: https://info.rosecrossinfo.com/

Protocol

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 10:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 10:54:05 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xae3ff56b54cd8f980000000000000000","2":"0x2c0cb98df78679100000000000000000","3":"0xb9328d229c334c980000000000000000","4":"0x9e77eceda4d192ed0000000000000000","5":"0x74cb031497f684a80000000000000000"},"debug_key":"13132058292421682822","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["696496876"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"6386270326499655441"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xae3ff56b54cd8f980000000000000000","2":"0x2c0cb98df78679100000000000000000","3":"0xb9328d229c334c980000000000000000","4":"0x9e77eceda4d192ed0000000000000000","5":"0x74cb031497f684a80000000000000000"},"debug_key":"13132058292421682822","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["696496876"],"22":["true"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"6386270326499655441"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 10:54:05 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame E460 18 KB
18 KB 55ms
55ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://info.rosecrossinfo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 537304
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:39:01 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame E460 18 KB
18 KB 61ms
60ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://info.rosecrossinfo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 522814
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 09:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 09:40:31 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame C614 18 KB
0 59ms
59ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://info.rosecrossinfo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 537304
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 05:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 05:39:01 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame C614 18 KB
0 74ms
74ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://info.rosecrossinfo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 522814
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 09:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 09:40:31 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B6D0 42 B
65 B 123ms
122ms Image
image/gif 2607:f8b0:400d:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2Y_zqwCNzYX5Vi1BLkJ0mPlEz41igW04CVEoBh8s1Fty5CkRBfpjNRs_PV3GDpKuaS2WZdugjY1owknMfuACnSzaRHvTySVfInxJvw9eDlcHFM8DKVWI1WpExfd6vSfwqtlDKhoo1sXRK91sqEvIgQ_Qqcz4PT16zs-2gwjU1V7COjzjxLlohvCM7zvVooQQ&sai=AMfl-YQCYIirPm0VRWA_RFHDiIJZ4EJG22BxPJctocFGQqqWQQN5SFx0DxPcyim4Y5dYYYxM1osTPzDqVLRhebgXPfM0TozX0hwEOeXFYg14Kv3m4dn4O2Vv1pHgqF2rTJ_wDEkdC_gQ4ZXsJwNV8TU8&sig=Cg0ArKJSzMKCYYwODsX5EAE&cid=CAQSTgDpaXnfIRTzYby4BD7KKlNhvxAIKndLXgtd6h36XL0v-NYMpQUs4_thKICdennM_ETYHK7_KoZVVOxiHhsYZW23rQUhkUyBB5lR1graFBgB&id=ampim&o=298,1117&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=642&tls=1642&g=73.38709831237793&h=100&tt=1642&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 10:54:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C614 42 B
65 B 123ms
123ms Image
image/gif 2607:f8b0:400d:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst-lBlpkbG--BAWScO1u0VhXecn1p2NbuUnvcM-9NOr9-ep_eWnzNvNdnEGQbVjUubcXmMt_UwHdQtqp4dnSYnfK7HxLdtR5n3RU4B8mqYI5x7iw-r9-4t5H-nPTKjwH8HKXLwqNy-BvXwfZ3XYzjzxV5GGnK6to4oaXlIrq5Zv4BrZerDL5rM_5OmAVXAGaA&sai=AMfl-YQ2nv6SNY_G_NuvaOyqHnDzSYiruHGrvtsiZr0f8jTxQJXS1TjzVf8QuBYA-_aqCxVeWdIBuoBcx_ax_jjRWLxj9URhiYjcSzSpXY_IcjXnj9rc67pJCDss61e3dAEghMVUqUD1CzgDOsX-B4XsEA&sig=Cg0ArKJSzI-E24xlmW8sEAE&cid=CAQSTwDpaXnfqQOkLduzZnKRaDnLtQCgh4ihFzTU1EldxVjZWpMiGI64GYGK6lQ5HAoZ5mScsr7aVtYxfuuNypc1MY6iqWXnPA18eigbv0ym0zUYAQ&id=ampim&o=650,102&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=152&tls=1152&g=100&h=100&tt=1152&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 10:54:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E460 42 B
65 B 121ms
121ms Image
image/gif 2607:f8b0:400d:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoIWcFYbYGK8c2ab1fb-kyR-g-vbIi311Q3RgNeUL2uwwf3Jb-2CMF_IikfCvcwd0kYycZ_MDjBRy2a6viJ7Pacme4WDIPQmXzzK93suessQr4E0fLk7h6u29RVoNNSblM2VewNr8_lTEuoRZybfHFBUBZMLsYXfdv1yXDNIz0YQ5VbOztl3Wy17Lbotj4yK4&sai=AMfl-YQPQWELLCJE_msCmvEnzk759PxNd_HxIWoDn9JT6OifPAzB4iPE6oi246PH9CpWJqkPTT92CvFLrJhAbF3xWQA2U8uvSvTh5IL_gKCxMQ4hAggrHzDDaSfKTRplCIsp5bsfnkSMlD7dAUwT8RZe6w&sig=Cg0ArKJSzN90y977n2pxEAE&cid=CAQSTwDpaXnfqQOkLduzZnKRaDnLtQCgh4ihFzTU1EldxVjZWpMiGI64GYGK6lQ5HAoZ5mScsr7aVtYxfuuNypc1MY6iqWXnPA18eigbv0ym0zUYAQ&id=ampim&o=650,772&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=133&tls=1134&g=100&h=100&tt=1134&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://info.rosecrossinfo.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 10:54:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202409260101&jk=1237536242638097&bg=!KyilKGfNAAax3igvkd47ADQBe5WfOI0mPJWVbSh588Abo_ucVNkZCZppVi3LTtGWSlUWZeN2Pk7C3aY71ooRvDWckRKiAgAAAFZSAAAAA2gBB34ANkpZR6W6RqzAt5fIW2er6nNdesvBmRZRe_KRcHZBOBosBsxDPpg8afk0RC6sGwFFTra2BIQA-AoAF9HBrxf6FfnHKQHipCh-w-w10UkBHRX7mQKT5T0DoDy602LW7h9alYr-uPdC_tnhD8Pnv-YGk0qgpuXE6RlhxVGtjFgw8wMGn9g0d26MRQklgsQQbx16BCFIB2Dc6njPwgqUkvK2VnpJKbSFSUNm4wLxfsdwpLSDxpnWuGg9aB5HrGKcoP9QGom26h5hd0_yABboUZOJpjoKRUfg53SLNLvz9THq1jDoBgX-ljBfAfhv1ATUGpcHiPf2QByzqAGWZJHdW7Nx9BtmssWnAIZ1m99aqWMVIplGWZLKICZhbSqC8xs0XhpjoERYBlExsRDucrRk2P3HUFGYNda8Y5XNPIPaWQ3REbocNQ4vww5QlQsFnmR6_uO1SPagg_mUbLT3jUiDBV11CIt357aE0XDCX6ZYxb_oFEMKXzYGICcWZNTloGUda2HF8Yzc_nJ-e-XUedqVakF0HyTBl8Vpfp-h3IzYhqRiStjAhSYxtfDk-bQVqeJb5ZFWyjy_Ad-9MF7xL7T0ITqFXWf2nUsupbCg1syYGEsAMTG6Q9_kb99waWj62fob8hu4FMfHLqSgOFadd934MyFv0sThMmBCSZlIRLyc99edOpLf-zWQPXrVJRleDvIDZIYTv5C5fPa1nUCDoKSVhufazLn7bqUWJi5VKkFFPb_Z3oQP82e7OIhaDXQQ6haQxmkhNyn0w6zuSRgCRhArnpIcur9hQ2lskscTlUdvTvp6gT5K_HUx9oLKeKS6-b29JJhiOmEtou2fCE5BCbvuND_KNXVXXIMMuUpmR6o7HbU0hPoHpXSmwLVNCSuKbX-29VAtI3ceZMdhNB2X97phssmEACmgcAKDaBu5XVBSnn9pHRajT-n5fkhwFTZo8OVafHoJu7JLilcYJ3EHX-JYADBZJPQzVYHwm74

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rosecrossinfo.com/	1970-01-21 09:35:12	Name: _ga_VQSHHWCSFP Value: GS1.1.1727952842.1.0.1727952842.0.0.0
.rosecrossinfo.com/	1970-01-21 09:35:12	Name: _ga Value: GA1.1.1191321257.1727952842
.doubleclick.net/	1970-01-21 09:35:12	Name: IDE Value: AHWqTUnWdNlYJ4a8PPO2TMDayJqinsQ4oOFddIzAFIUSZ3emKAiQ6PpnSZVGcn-QW-k
.rosecrossinfo.com/	1970-01-21 08:44:48	Name: FCNEC Value: %5B%5B%22AKsRol_QbzA5seGvjWak86mRBbvJyr44dmvZUUdHUsS6Lu5udVQENRkl2bMcfWTp87axHn1CR5X2t36Ym8o6ktvf5dpXh_zhKRb0uOHVe2vnn1d_uR0IuFHQaWeTwDn97eY4iimp0xpJIULeoyC7dQzzouFsmWiyMw%3D%3D%22%5D%5D
.googleadservices.com/	1970-01-21 02:08:48	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:59:13	Name: test_cookie Value: CheckForPermission
.rosecrossinfo.com/	1970-01-21 09:20:48	Name: __gads Value: ID=c38b3f81e45bb1ef:T=1727952843:RT=1727952843:S=ALNI_MbRf0xsVcbyBQX2_AV7IRzagz3bgw
.rosecrossinfo.com/	1970-01-21 09:20:48	Name: __gpi Value: UID=00000f22ee732b09:T=1727952843:RT=1727952843:S=ALNI_MbHG7uCI7-JwTk9HDVBGqcfgYuPeg
.rosecrossinfo.com/	1970-01-21 04:18:24	Name: __eoi Value: ID=f25f3fba8927b862:T=1727952843:RT=1727952843:S=AA-Afjbl4TIlBHLVMqGLADCTIsEL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

663e4dbbfe47dfe976b33ee6fbb7f2d9.safeframe.googlesyndication.com
cdn.ampproject.org
files.dreame.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
info.rosecrossinfo.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
pagead2.googlesyndication.com
173.194.204.155
2600:9000:2510:8000:4:cb6e:7440:93a1
2607:f8b0:4004:c07::64
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1b::9d
2607:f8b0:400d:c01::61
2607:f8b0:400d:c04::71
2607:f8b0:400d:c07::84
2607:f8b0:400d:c09::9a
2607:f8b0:400d:c0d::5e
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0e::5f
2607:f8b0:400d:c0f::6a
3.231.241.38
0d023bff04a44e179ea85f931e80e959b5dabf927a295f7f0725c4cb38a8e68f
0f8539022b5a1a5ba0c8205d9841b8f029802a8a2fe7f87714dc864946f32f4d
14407ce5984162c099b1a2a24d5af626b3e991e9c919c9be05c38126fd8732a4
1893ca5f1df1b69f5175acec22540d935cae737f11e1fe8f98056c9d4b4e2f26
1a145e2c928aad2a389b341a06ac46a783f324d523529fc9c6a74d68557fba4c
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
2ee483581f82289db384c23d677e5d6814501ab15c431695dd31a064229e3628
2fea20fe6f36534bbbc272cd8016487f4369125a954facee861448d1166dae51
33b16c5577bb926eab5136e205b76a073a0b81a678bded2bc9ecfd3316108ff6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cd1edc73fc9576a547cbeb6ae0bcf333b943637adb760a9ee4303c8a99542c6
3d52dd7c0e687b77ba3901803ccdfca345b1bf1b2fd0e6f0c69a5373edf2531d
4027e0d9305b6e43c82b454505269a38a220c57eea70f80d368fe22f766b58fe
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4ec7f525efa063f097bbec34f5fea62baf4c7038f4064cc167fc526b7b282b27
512525444c8d60bb6b5e93a03bf88d5b48bd25bc576095c271ab1e9f605cfc71
554b4ae973cd487bdb7f42d4acea9658e89e43dc2323840ebf9aedfa1c3f3129
58cf0662f6f7ded266580afe51a1fe9228363a48c06e5a73d9f5e2555a0c55a1
5c42aafe3e5e127411c360e2ffad56bb65a7f9447cad0f7548b282cd0894e145
5fae0a13b93f36731d7d7febe1d15659bf68cbebb7948c95c62afefe762eccdd
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
77771728a00a2d8a0a64933a4ae7d54c050354bbff95ae0f8ac06047968c8145
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83e9b4120b526b002b0cd95b1b0a5a7273378ee946925ca6371e202a71ce534b
85e61f358c5ca52d25eb8d57f68df275f66fb1e07a5fba998369a34a62b9b02b
92eea4056c81d0194679f95d9c0af27a00aa4c2d0d731ecdc404d361c3107112
9849b6e957d5a4a4e023aa9c4b107ba712e0fdf5a0ee8698b7e0eedf5e645717
9a373ae6214168509dc4fe047f320b9d27bd87ed907d66806ce9b865ca55042a
9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
b6ee11cce11a9d8b219571f0432c7a62f84d001c14dd8e251edf9fa87c7fbc95
b7c5d5813fdb48fd8f442074b92fc19fdcc7f9285b1d10f99af0b50c67bdff13
b8fbcb76b6b03aa004d87312afc11d45d9d2267d2c8a09afc3c29b4fc9b62ccb
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c7a18ef6517fd7efd0bc75507eaac5073b5f3ec286a9bf3b7849b93c12ff93f0
ceabdc803505699d0269423f8217a67265b5202267506788de4001b01c316284
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
d9e03897fa2f8a10cd12d35f6ae49b7d42791b14f8f90bd73fe79b1bde69b6df
dbdf422b9b6701c7befada147f8cd0c2f8ec0af87f7ddd4883d078ce617421ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e5eeb8201250270725d412297d7740313bc04c45ad44e9aaafa1763eeca43cb5
e67c2983ce9f0d72efa2023c2d0e5c15de736310798d5f57cd4414edfbcc5e27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f305efe3b55d6079f782babd9d20b63829cd8e6eada6b8600253dfc38a5463a5
f6a29a687f75e3396d1eb74f1aad749e32c2bd1b7902bdcdae1e6be5ea72a759
fc41558a01362a07b2546e355795c2bcfab3cb8d7dd396444cef874e49433b3a
fd1c9b507bb625a6867eed0c261a7663bb95f52a01c0c93be97365f800b85f3b
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

info.rosecrossinfo.com Open in urlscan Pro 3.231.241.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

95 %HTTPS

86 %IPv6

11 Domains

14 Subdomains

15 IPs

1 Countries

1728 kBTransfer

3732 kBSize

9 Cookies

4 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

info.rosecrossinfo.com Open in urlscan Pro
3.231.241.38 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

95 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

15
IPs

1
Countries

1728 kB
Transfer

3732 kB
Size

9
Cookies

83 HTTP transactions
3 data transactions