onlynurses.org Open in urlscan Pro
104.21.16.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://search.onlynurses.org.s1search.co/
Effective URL:
https://onlynurses.org/
Submission: On December 17 via api (December 17th 2024, 3:50:04 am UTC) from US — Scanned from CA

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 41 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is onlynurses.org.
TLS certificate: Issued by WE1 on November 12th 2024. Valid for: 3 months.

This is the only time onlynurses.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.36.224 104.18.36.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.21.16.1 104.21.16.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	173.194.68.154 173.194.68.154	15169 (GOOGLE) (GOOGLE)
1	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
1	172.217.197.95 172.217.197.95	15169 (GOOGLE) (GOOGLE)
4	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
2	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
11	172.253.122.101 172.253.122.101	15169 (GOOGLE) (GOOGLE)
1	209.85.201.156 209.85.201.156	15169 (GOOGLE) (GOOGLE)
2	209.85.232.132 209.85.232.132	15169 (GOOGLE) (GOOGLE)
1	74.125.192.104 74.125.192.104	15169 (GOOGLE) (GOOGLE)
41	15

1 104.18.36.224 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

search.onlynurses.org.s1search.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)

onlynurses.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.122.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f101.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f156.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.232.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f132.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.104 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	73 KB
6	onlynurses.org onlynurses.org	221 KB
4	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 15296	152 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
3	gstatic.com fonts.gstatic.com	98 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	277 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	166 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	52 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	s1search.co 1 redirects search.onlynurses.org.s1search.co	656 B
41	13

	Domain	Requested by
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	onlynurses.org	onlynurses.org
4	imagedelivery.net	onlynurses.org
3	fonts.gstatic.com	fonts.googleapis.com
3	pagead2.googlesyndication.com	onlynurses.org pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	onlynurses.org cdnjs.cloudflare.com
2	cdn.jsdelivr.net	onlynurses.org
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	onlynurses.org
1	www.googletagmanager.com	onlynurses.org
1	search.onlynurses.org.s1search.co	1 redirects
41	15

This site contains no links.

Subject Issuer	Validity	Valid
onlynurses.org WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
imagedelivery.net E5	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://onlynurses.org/
Frame ID: 54D27D59618B83215629F032C4874B2C
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 54F5CCC1EAB4A352415C23BDB14085E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8677632403930925&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734407399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fonlynurses.org%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734407399125&bpp=5&bdt=635&idt=382&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3656745215514&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089326%2C31089327%2C31089330%2C31089338%2C31089340%2C95332924%2C95345966&oid=2&pvsid=3339958796239861&tmod=27753011&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=417
Frame ID: 36CF7A770ABCB9216A4A2864E2091E2D
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: EFE4863F49CC0CC22FF11A0B538F2BE1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27EB41FB56C0AEB71C7E823C7F518874
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Only Nurses

Page URL History Show full URLs

https://search.onlynurses.org.s1search.co/ HTTP 307
https://onlynurses.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

41
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

15
IPs

2
Countries

1167 kB
Transfer

2476 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://search.onlynurses.org.s1search.co/ HTTP 307
https://onlynurses.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
onlynurses.org/
Redirect Chain

https://search.onlynurses.org.s1search.co/
https://onlynurses.org/

33 KB
7 KB

343ms
122ms

Document
text/html

104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynurses.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1796676237d708e849cbaa662ab706fb070e2b939e066c6fe191689f93435d78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f33f23f5849a210-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 03:49:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LimgPxULs3iDLA41fFJmWWkERCIyzHLtthUh1xrSiamxpuumyGMuL5g%2Fwoj1mk4oSihxaLVF31wjLJCRx5ht%2B8p%2FVErHS1ixT1MIHveMPKhqf99gQsRchgyWkSFoNotHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8f33f23cee1eab2d-YYZ
content-type: text/html; charset=utf-8
date: Tue, 17 Dec 2024 03:49:58 GMT
location: https://onlynurses.org/
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
28 KB 225ms
33ms Stylesheet
text/css 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age: 1459634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1RWAD%2FBiGyGo9gWEWsp2GMvTGyB1PwmvqjPjlJ8g7frVLEGwxqC9V%2Bwv6%2Ft8Lx58JihutZo42L5W964Z63dsdGQlX%2Bncjw7yXxOehBRdvqj2x4fQmsSY92%2FMegWtgo8qyQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21958-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f33f241de37ebb5-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27424
server: cloudflare
x-jsd-version: 5.3.0

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 100 KB
19 KB 100ms
38ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "64cac444-495a"
age: 1556046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKk39SQFlG%2FD%2BOnlxGSKmH61Mf5C%2FMPSWGkl1Pv9BY8lPFDwX6CD20eHthCpaRphJ4bnx5GNudmRy1Hf26EjcsjJV%2BjT9Fa40Cqr7t%2FGZJNAza4WH56ugXsXtgFqrps2JB4keGvW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 03:49:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f33f2411fe2a226-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18778
server: cloudflare

GET
H3 200 cookie-consent.css
onlynurses.org/web/public/assets/css/ 1 KB
849 B 100ms
95ms Stylesheet
text/css 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynurses.org/web/public/assets/css/cookie-consent.css
Requested by: Host: onlynurses.org
URL: https://onlynurses.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3482d5f02e8ef55a4489e6e205030d037af98e02bc320e125ebddd28290b4023

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcoYYUGGVsrRcrJUXgZxWMHhzEsQ5unN84262UkJw1FfVuiGRY5o9o6zgBf6Yfeai%2FXyTYMerPMgyFTnxnSWZOCdB2N6WSNL08Ee2OaIS%2BRf0C246c7AFZneKHDuy%2F42mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f33f240b84aa210-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 413
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/css
last-modified: Fri, 06 Dec 2024 05:58:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 257ms
67ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8677632403930925

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

a764114da7809cfc5874aa3bba9e417d64e240da2e829b71e7660290c63d883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://onlynurses.org
Referer: https://onlynurses.org/

Response headers

content-encoding: br
etag: 6971009140019998292
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 03:49:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53298
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 211ms
79ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W5832C36ZV

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

97edb8b71e43c6685dd00647bf439a9247fa855dc5b7d0b485dc2843605c1c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 17 Dec 2024 03:49:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109715
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 236ms
72ms Stylesheet
text/css 172.217.197.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Poppins:700&display=swap

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f95.1e100.net

Software

ESF /

Resource Hash

729048874cc598ee60eaa9fdfe912f20f8df2c3577a06cba0c6c0b960a45d851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 03:49:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 03:49:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 nursing.css
onlynurses.org/web/public/assets/css/ 14 KB
3 KB 91ms
85ms Stylesheet
text/css 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynurses.org/web/public/assets/css/nursing.css
Requested by: Host: onlynurses.org
URL: https://onlynurses.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0960101da8f58dc5d5f2e199bb70ef5508717442753ec11726d2d2feb390e02b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wC5NI4H%2BxKmK7pGrZFCvFKC5n%2Fwb1wGsu3inGzQ9xUhzCVLu5BayWPli%2BSt7315gzIb%2F0TIkIJNY0prducWkaokNw%2BqQE4%2Fz23VMLjCbCC7%2BoFpRrkAdE13HPpyro4qdbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f33f240b84ba210-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2549
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/css
last-modified: Mon, 09 Dec 2024 19:59:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 onlynurses-logo-white.png
onlynurses.org/_brandcore/img/ 45 KB
45 KB 129ms
129ms Image
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlynurses.org/_brandcore/img/onlynurses-logo-white.png
Requested by: Host: onlynurses.org
URL: https://onlynurses.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06daaf94f8d9791243d3ccb7d48b3af98acc8295c71513e03939c1b0095ba4a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmOzRe6BkXZD3VhaNNyp6PDqR8Jczb9OBvjTjEWmoYuZTB5qBkxYiNaII0VFr5Z8jO10xn5QMZXRcDfp84NfNgVfv0fV3cCR2FKJaKBxqvhAXsMCyKHBVVy%2BeeJkIM2%2FNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f33f242484ea210-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 45756
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: image/png
last-modified: Tue, 05 Mar 2024 23:27:20 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 public
imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/ea92e24b-d538-42ba-b48a-e3699bfdd100/ 28 KB
28 KB 175ms
70ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/ea92e24b-d538-42ba-b48a-e3699bfdd100/public

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11005c2547d6da19e90fbf7c368c656ec90ff891341c16a25c889ecaeb6f9493

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cf-cache-status: HIT
etag: "cfXk8Oez9AluNbaYvuaqHLXrORfb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
priority: u=2,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=1040+87 c=0+0 v=2024.10.6 l=28560 f=false
cf-ray: 8f33f24158d0a220-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28560
server: cloudflare

GET
H3 200 public
imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/aecf1d55-05ac-4aa7-c326-43ae74efc400/ 48 KB
48 KB 172ms
68ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/aecf1d55-05ac-4aa7-c326-43ae74efc400/public

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9be8d5e7910e282beec74a34d50e00b84b1498cae58b2b73a2fd7fd4657fb81

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cf-cache-status: HIT
etag: "cfdh_H9zenXFmfLAh7I9-y0sPbfb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
priority: u=2,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=58+876 c=0+0 v=2024.12.1 l=49061 f=false
cf-ray: 8f33f24158cea220-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49061
server: cloudflare

GET
H3 200 public
imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/eb584f82-49ee-41f4-c844-3e763370b900/ 50 KB
50 KB 76ms
75ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/eb584f82-49ee-41f4-c844-3e763370b900/public

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71111a630f2c7bbb672bf3e4668cbe4eb5769a8e01ccf73f1d3381a6b6a5bb85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cf-cache-status: HIT
etag: "cfv_fVVbQRpgcS8fUyneG13Fu5fb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
priority: u=2,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=899+122 c=0+0 v=2024.10.6 l=51055 f=false
cf-ray: 8f33f2423980a220-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51055
server: cloudflare

GET
H3 200 public
imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/93bba7d3-adc9-4a3d-617e-3497e0749600/ 25 KB
25 KB 91ms
88ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/qP-vMxs4vvTYjIRlzT0GOQ/93bba7d3-adc9-4a3d-617e-3497e0749600/public

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb8b1e0a4c1769e784add3594d597be9e2e0f21bbc50f8378bc19c4d1015a58

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cf-cache-status: HIT
etag: "cfd7d-MBrNoVGKPJgeUsvk7zH0fb7C9F9CBQfA5-d8DQ"
cf-bgj: imgq:85,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
priority: u=2,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-images: internal=ok/- q=0 n=20+221 c=0+0 v=2024.12.1 l=25483 f=false
cf-ray: 8f33f242498ca220-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25483
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/ 79 KB
24 KB 39ms
35ms Script
application/javascript 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: onlynurses.org
URL: https://onlynurses.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
age: 1538718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFX9sxDrG8lExgpTBJXMRICEP3iXQVRRznWaitUOXp%2FH56Y%2FtwYO19OnJ7NE1moKQ%2FBgbFmVlYLCuxf%2Btob0N2bLq2DxwQmx2WFce20%2F2TYVk0QGZndAmricuDoiv8QRdIs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220038-FRA, cache-lga21978-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f33f2424f2aebb5-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24668
server: cloudflare
x-jsd-version: 5.3.0

GET
H3 200 cookie-consent.js Show response
onlynurses.org/web/public/assets/js/ 2 KB
1 KB 88ms
86ms Script
text/javascript 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynurses.org/web/public/assets/js/cookie-consent.js
Requested by: Host: onlynurses.org
URL: https://onlynurses.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6c3a946cafa02cbb5243afab64471505b4ac725ca9bdffd7b3b7539baa5a52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuxCNn%2Bz12QTnr7lMXsXi%2BXvXX9Vf35QjMc6WlzfKr7tY%2Fkm5NNIzvB8B%2FK%2FKTb4%2BURKXqHCWMQnqRAEWA0967TmRvsVRlWnmoK8mjEpVIDsU5WXaHjS3DzFneZSiTOZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f33f242484da210-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 737
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 05:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 303ms
58ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Poppins:700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://onlynurses.org
Referer: https://fonts.googleapis.com/

Response headers

age: 202382
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 19:36:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 19:36:57 GMT
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47048
x-xss-protection: 0
server: sffe

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 291ms
46ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Poppins:700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://onlynurses.org
Referer: https://fonts.googleapis.com/

Response headers

age: 202223
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 19:39:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 19:39:36 GMT
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45300
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 147 KB
147 KB 44ms
39ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://onlynurses.org
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "64cac444-24a04"
age: 555897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjUhbK0Ex7HhcfdSevGsb39RzIMwDpwVajQM6sw%2FagIoA0I%2FF%2FheYgyaLZlkvPO%2B7xDSXUsQcboNp5fSFrJbZjaUqVkvZLoki3AcyUTaRecMptg4bGQAyG2rBN%2FlCrKFP1YbACrx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 03:49:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 03:49:58 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f33f242cf7aa217-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 150020
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 292ms
50ms Font
font/woff2 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Poppins:700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://onlynurses.org
Referer: https://fonts.googleapis.com/

Response headers

age: 202701
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 19:31:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 19:31:38 GMT
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 435 KB
145 KB 174ms
40ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8677632403930925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: br
etag: 4174761130244020438
age: 23583
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 21:16:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 21:16:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147831
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 137ms
49ms Fetch
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W5832C36ZV&gtm=45je4cc1v9201792795za200&_p=1734407398747&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1644500629.1734407399&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734407399&sct=1&seg=0&dl=https%3A%2F%2Fonlynurses.org%2F&dt=Only%20Nurses&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W5832C36ZV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://onlynurses.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:49:59 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 54F5 0
0 142ms
54ms Document
text/html 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlynurses.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 79552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 05:44:07 GMT
etag: 17661348622971093804
expires: Mon, 30 Dec 2024 05:44:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 36CF 0
0 207ms
145ms Document
text/html 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8677632403930925&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734407399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fonlynurses.org%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734407399125&bpp=5&bdt=635&idt=382&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3656745215514&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089326%2C31089327%2C31089330%2C31089338%2C31089340%2C95332924%2C95345966&oid=2&pvsid=3339958796239861&tmod=27753011&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlynurses.org/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 03:49:59 GMT
expires: Tue, 17 Dec 2024 03:49:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8677632403930925 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 434ms
170ms Script
application/javascript 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8677632403930925?href=https%3A%2F%2Fonlynurses.org&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

bdd971dfe03f4ac6f81ea7aff220d6b80736fcbfc2b369942d48a792c7980c88

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Mraci8tew0x0Ns5Xt5suMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAtxc7x42bybTWBD_1RrJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDI0MjPQPD-AIDAEfmRQo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Mraci8tew0x0Ns5Xt5suMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUjDIqXnSwkr_ikxIOSBWZpgJiF6GE_l9IaGLDW55etyFlbc7AyKkBuqRgFCOo94pb_JP8Zx3JDXKbxzfBeC9haKfD6V-GSQZa5omSezowQ-jqWmUu62iNMtlbEL6uAcDTlxRYJQg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 234ms
231ms Script
application/javascript 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUjDIqXnSwkr_ikxIOSBWZpgJiF6GE_l9IaGLDW55etyFlbc7AyKkBuqRgFCOo94pb_JP8Zx3JDXKbxzfBeC9haKfD6V-GSQZa5omSezowQ-jqWmUu62iNMtlbEL6uAcDTlxRYJQg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDA3NDAwLDM3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vbmx5bnVyc2VzLm9yZy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

c60d6c960ac52698c07c6fdc40e6b86be00dee58532775dba516e22b86b57610

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NM2773OsI2OV1bLa2la--g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcLx42bybTeDEtLsnGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACq3EYC"
content-security-policy: script-src 'report-sample' 'nonce-NM2773OsI2OV1bLa2la--g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXNxIznvg0M0nnWSI3XU0LCuuCMN1xLrYsV5-LU9rHYaQPzls9tbHCToRXMdWwtPdPLrcFWmGyJuajIgaQO8jrQW9-kTS9Kgll4YZFQO0SP3ZyPoL077MKxXP6cy82bax974rQIew== Show response
fundingchoicesmessages.google.com/f/ 10 KB
4 KB 82ms
81ms Script
application/javascript 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXNxIznvg0M0nnWSI3XU0LCuuCMN1xLrYsV5-LU9rHYaQPzls9tbHCToRXMdWwtPdPLrcFWmGyJuajIgaQO8jrQW9-kTS9Kgll4YZFQO0SP3ZyPoL077MKxXP6cy82bax974rQIew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDA3NDAwLDYxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vb25seW51cnNlcy5vcmcvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

7cee3ff8651c640e2c854c1617bfe0e601aa990d444a3ad83a88e03290cc9c48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IrDnvnJ79PhYgHQr2EuubA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcLx42bybTWDD5_V7mZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACvR0YS"
content-security-policy: script-src 'report-sample' 'nonce-IrDnvnJ79PhYgHQr2EuubA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 393ms
62ms XHR
application/json 209.85.201.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f156.1e100.net

Software

cafe /

Resource Hash

6a0279552a6685b1566b4fd68e0c56c2dd16e52f4531bc735d24af91c5923ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12908
date: Tue, 17 Dec 2024 03:50:01 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 onlynurses-icon.png
onlynurses.org/_brandcore/img/ 163 KB
164 KB 158ms
156ms Other
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynurses.org/_brandcore/img/onlynurses-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad623d29f18bfec3dec19de0b6bcfd1411325684afa98186de5d0854214fcc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGD7nCmjFIYRHFkk1RhLnn8uIBB2RZTO5C6KUcMOLnZZCiu4Sv3RSZmAqiPQDS2qPNKQvAXiVtpfDY5dKl4SZSBJw5KfqmtUB9aGJ%2FkJ4tyY9%2FVPWTYWBzTxDYDTtaS05A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f33f24f2850a210-YYZ
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 167272
date: Tue, 17 Dec 2024 03:50:00 GMT
content-type: image/png
last-modified: Tue, 05 Mar 2024 23:27:20 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 489ms
54ms Script
text/javascript 209.85.232.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f132.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 03:50:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 display Show response
fundingchoicesmessages.google.com/f/AGSKWxVVrhW4gjqEpmj34Elw1M7D4BlKqN8RtuGoXm8PvMYKk9nxirrgH33NoXuoeLA02xaLaXjkEp4ppBfAdvtOZYA9WScoVlsEz3ObctHK5m82vWaB0j2F5URD9wBv1uWJyKuA28gljASjC3gaobflR6vk04W_0... 54 B
109 B 65ms
64ms Script
application/javascript 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVrhW4gjqEpmj34Elw1M7D4BlKqN8RtuGoXm8PvMYKk9nxirrgH33NoXuoeLA02xaLaXjkEp4ppBfAdvtOZYA9WScoVlsEz3ObctHK5m82vWaB0j2F5URD9wBv1uWJyKuA28gljASjC3gaobflR6vk04W_0uhoS1eJ4Hmkf-6RzXKEaDEvO-k96cPl/_/adpop32./adv_left__120x600_/display?ad_/flash/ad_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

aba8b47a55fd218932d2d6dddcd814d3400da7ce7ce103fc75ddaf846abde607

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8ml2G9ddw0tZcHGib_r3jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcLx82bybTWDF_e3XGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACsSUYS"
content-security-policy: script-src 'report-sample' 'nonce-8ml2G9ddw0tZcHGib_r3jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 251 KB
79 KB 54ms
54ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

a67fb87dd19456cc69f586fe5ba493db4619133c3b2d32714a57a744d16972a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: br
etag: 10541954650487192719
age: 925
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 04:34:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 17 Dec 2024 03:34:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 80854
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 108ms
63ms XHR
text/html 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-emac0wTtlEdrQrg9xoctww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCE3qOvWJUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAAadKwc"
content-security-policy: script-src 'report-sample' 'nonce-emac0wTtlEdrQrg9xoctww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uqfYu7fpVFTvfEu1TmY0zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCHZfnn2FScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAAszKw8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uqfYu7fpVFTvfEu1TmY0zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vs6TGUuQKsv0vYxOg9bjtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCB7Y332ZScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAA5vKxs"
content-security-policy: script-src 'report-sample' 'nonce-vs6TGUuQKsv0vYxOg9bjtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yg7BJeGh_mo0t4VPdNZunQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCPx78vcWk5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAE4TK_c"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yg7BJeGh_mo0t4VPdNZunQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWkjIRHf9WXXQCQJ9vHDD8jWtLEVxB3DOndr15k9CJzuuxMRnbmZuIeosSi0Z_csUFwboyqdECGJ6CbB7fMvhiGGASWZJ1Z7BG7V9fqVgllL4oYIjHK_ALRhAcfJ2V3bOhrLb-b4A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
84ms Script
application/javascript 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkjIRHf9WXXQCQJ9vHDD8jWtLEVxB3DOndr15k9CJzuuxMRnbmZuIeosSi0Z_csUFwboyqdECGJ6CbB7fMvhiGGASWZJ1Z7BG7V9fqVgllL4oYIjHK_ALRhAcfJ2V3bOhrLb-b4A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NDA3NDAxLDY5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vbmx5bnVyc2VzLm9yZy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

468635d262e603c1a754bae3bbd1545745d93ecb17da2a88ec13078ac0cb57eb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jkB5vAyHnpqpP8aMepD-DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://onlynurses.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcLx82bybTaBj2qSnTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgCUuUWS"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jkB5vAyHnpqpP8aMepD-DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame EFE4 0
0 167ms
50ms Document
text/html 209.85.232.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlynurses.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 03:14:12 GMT
expires: Tue, 17 Dec 2024 04:04:12 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 27EB 0
0 177ms
61ms Document
text/html 74.125.192.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f104.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0HV6Z5sKv7bPodeE2e3rkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlynurses.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0HV6Z5sKv7bPodeE2e3rkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 03:50:01 GMT
expires: Tue, 17 Dec 2024 03:50:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVa9_7_s3MaxleN6MEwKh1k0pc3php4l4SfJKZDFHGk7yb8gelkYyQD1ZjV-r9hckHQGFiJhzf3XBmkFsHb5Lr5vUMTJ_tHsGZiR2gZq6oyNNeWcBmpwhcFbdx556iN6HOqX3b48g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
64ms XHR
text/html 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVa9_7_s3MaxleN6MEwKh1k0pc3php4l4SfJKZDFHGk7yb8gelkYyQD1ZjV-r9hckHQGFiJhzf3XBmkFsHb5Lr5vUMTJ_tHsGZiR2gZq6oyNNeWcBmpwhcFbdx556iN6HOqX3b48g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qA8ric8FbTAObRzN_ZwHdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCN85P7WRWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAAZgKwI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qA8ric8FbTAObRzN_ZwHdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUjcCv18pkkDBqPcyIkEVYcHueVNhuMITfGqwt-9IbqgnT00SklsGZaF3fcHLKsS4Y1S5LV2gbcbB__2N8tCCaD0usCJ27qOO5_-Gj_UJYkxPmTOuxgweV2pKrw5saCdPhMk-ttw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KYz4KLK1TF8YyJMVC44VTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://onlynurses.org/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 03:50:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj5cvm3WwCP2Zt7GRWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAAxaKxI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KYz4KLK1TF8YyJMVC44VTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://onlynurses.org
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=3339958796239861&bg=!FRalFlnNAAbtGp3CzRo7ADQBe5WfOObeWZjVkLuJHGCeXNK_rNFVOeyizyQPVFlrzmIR2-WBBt1EovZbtZMxOwNtVooxAgAAAF5SAAAAA2gBB34ANi5p5z83kOOomuxBKIDYCDCDzx8_RM-czU-PUrvEKjQ2701zrlMq7hTlx2IND5JRpDd1GAgo85kCl7I9HRQUSZQrxLSN-E7M3MThZJ03kkQN_2_FLQUgo_29D8-NaDJ0NXB7P1iTVWbm9CenkV5uNoO4j7Ti4AFxfgL4GJz0wc0wRx7kCgG-3VKkBxoxA7D52dRNwdi41rxdDSKkcMNjC-g4_wYm3q7qa--kHaQdigWWL4OaKka5_vXG-aSpt8j_tan3KqR-rs-My5mMI-GIq40dIF3275LjewB-Wtw9tO-6HiN0R-_Y-QLt0pSf-_Y6BtaRD40S-gX-TXV-7les8Kx3HfmTmbswK0LGXq77sLV1MJTZP9NhSrrjVjYPdOdI4U3g0cEeuyq0A1yTFtrSfvrWCE774IqKHTr_PNot6Xk9SShm__8ow4ZLGKqs0uiZYT5EYUlgZDtXS6qhy3r-bPlpY99R_7LU2TddLdowMSRNDnWR_8obr_BXV2tqrHaT7jASbhgLpx49dfa5xnrRcMf7AT3k7-fL1xpbmofeTHP6mO_YFvQ2Tpqe12nPDEQGUcrbo_Me_KlobPZxQQTLPc8G3xqaIaCn6XUuVyMxLGfsIyOFD3TZIcnoa8kv83z07kQMCJqobFC7Ka4Vu8xXNSPgvJYflCsHn4PVssY79UsbRqUjg8J32X5TgSEU9Y3xnU0knwrmpFqjk6Zm4LWwqHL_-j5LP76HFKeCLs6RxqWFsxMe5vOi_wHEkKMb1h94ZQ4GShLsmPXnKhclQ8F71WhBTfIW-RoR8Oyl8wSU1Wtl6YXwnWU6U2PiIeKSUppejJaEcN4OA4hCCanhUskYfOEpkvcQoPqTTQuFmYXT57a39Nc6zr26z27thA7qUV9qlHEfmQXwzjngC9AKfn3lD4SsUTW98bA52HhulF3SAHbWBiwqqNOCmvTYR5NIpe-aNg

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
search.onlynurses.org.s1search.co/	1970-01-21 10:32:23	Name: s1_userid Value: nJsdGmj2Wfk8Pzqs9oml
.search.onlynurses.org.s1search.co/	1970-01-21 01:46:49	Name: __cf_bm Value: ia4rTnct38bYi8OklYxi35DGCv6Pwjb7GODb4tVac84-1734407398-1.0.1.1-OLgqc_H.qNDHZieuoOf3cKHbnWsqEZkBb0C_EW42gCrrJHfRhmb1nbKu4I_akiPogLYo6uLXO7yRDB_SSbF_Kg
.onlynurses.org/	1970-01-21 11:22:47	Name: _ga_W5832C36ZV Value: GS1.1.1734407399.1.0.1734407399.0.0.0
.onlynurses.org/	1970-01-21 11:22:47	Name: _ga Value: GA1.1.1644500629.1734407399
.doubleclick.net/	1970-01-21 01:46:48	Name: test_cookie Value: CheckForPermission
.onlynurses.org/	1970-01-21 10:32:23	Name: FCNEC Value: %5B%5B%22AKsRol_6wJsXNChHjKquhrUo8iNQW9rcb1C62YUlzbBeStD3oZpzrCM7-eMnDtDRWhRLZ2o8NjyqCoQOMebUc3w8nNOHcJfLbiwMGoiwD3wwkKlqvFiLQVt_V7PRr0w7nh01RHw-KrMvvsRLiNmryb94mZtTjq7WQw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imagedelivery.net
onlynurses.org
pagead2.googlesyndication.com
search.onlynurses.org.s1search.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
104.17.25.14
104.18.186.31
104.18.3.36
104.18.36.224
104.21.16.1
142.251.111.155
172.217.197.95
172.217.222.97
172.253.122.101
172.253.63.94
173.194.68.154
209.85.201.156
209.85.232.132
216.239.36.178
74.125.192.104
06daaf94f8d9791243d3ccb7d48b3af98acc8295c71513e03939c1b0095ba4a8
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0960101da8f58dc5d5f2e199bb70ef5508717442753ec11726d2d2feb390e02b
11005c2547d6da19e90fbf7c368c656ec90ff891341c16a25c889ecaeb6f9493
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1796676237d708e849cbaa662ab706fb070e2b939e066c6fe191689f93435d78
3482d5f02e8ef55a4489e6e205030d037af98e02bc320e125ebddd28290b4023
3c6c3a946cafa02cbb5243afab64471505b4ac725ca9bdffd7b3b7539baa5a52
468635d262e603c1a754bae3bbd1545745d93ecb17da2a88ec13078ac0cb57eb
4ad623d29f18bfec3dec19de0b6bcfd1411325684afa98186de5d0854214fcc4
4cb8b1e0a4c1769e784add3594d597be9e2e0f21bbc50f8378bc19c4d1015a58
6a0279552a6685b1566b4fd68e0c56c2dd16e52f4531bc735d24af91c5923ee8
71111a630f2c7bbb672bf3e4668cbe4eb5769a8e01ccf73f1d3381a6b6a5bb85
729048874cc598ee60eaa9fdfe912f20f8df2c3577a06cba0c6c0b960a45d851
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
7cee3ff8651c640e2c854c1617bfe0e601aa990d444a3ad83a88e03290cc9c48
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97edb8b71e43c6685dd00647bf439a9247fa855dc5b7d0b485dc2843605c1c51
a67fb87dd19456cc69f586fe5ba493db4619133c3b2d32714a57a744d16972a8
a764114da7809cfc5874aa3bba9e417d64e240da2e829b71e7660290c63d883a
a9be8d5e7910e282beec74a34d50e00b84b1498cae58b2b73a2fd7fd4657fb81
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
aba8b47a55fd218932d2d6dddcd814d3400da7ce7ce103fc75ddaf846abde607
bdd971dfe03f4ac6f81ea7aff220d6b80736fcbfc2b369942d48a792c7980c88
c60d6c960ac52698c07c6fdc40e6b86be00dee58532775dba516e22b86b57610
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

onlynurses.org Open in urlscan Pro 104.21.16.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

0 %IPv6

13 Domains

15 Subdomains

15 IPs

2 Countries

1167 kBTransfer

2476 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onlynurses.org Open in urlscan Pro
104.21.16.1 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

15
IPs

2
Countries

1167 kB
Transfer

2476 kB
Size

6
Cookies

41 HTTP transactions
0 data transactions